Lucene search

MitreCVE-2002-1541

HistorySep 01, 2004 - 4:00 a.m.

CVE-2002-1541

2004-09-0104:00:00

mitre

web.nvd.nist.gov

cve-2002-1541

badblue 1.7

remote attackers

bypass password protections

http request

slash

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.006

Percentile

78.7%

JSON

BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash).

Affected configurations

Nvd

Node

working_resources_inc.badblueMatch1.7.0

VendorProductVersionCPE
working_resources_inc.badblue1.7.0cpe:2.3:a:working_resources_inc.:badblue:1.7.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
working_resources_inc.	badblue	1.7.0	cpe:2.3:a:working_resources_inc.:badblue:1.7.0:::::::*

References

archives.neohapsis.com/archives/vulnwatch/2002-q4/0041.html

www.iss.net/security_center/static/10466.php

www.securityfocus.com/bid/6044

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

Low

EPSS

0.006

Percentile

78.7%

JSON

Related for CVE-2002-1541