7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.3 High
AI Score
Confidence
Low
0.04 Low
EPSS
Percentile
92.1%
iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection.
lists.virus.org/vulnwatch-0201/msg00008.html
securitytracker.com/id?1003157
www.kb.cert.org/vuls/id/985347
www.kb.cert.org/vuls/id/AAMN-567NFX
www.procheckup.com/vulnerabilities/pr0105.html
www.securiteam.com/securitynews/5IP0G0060Q.html
www.securityfocus.com/bid/3831
exchange.xforce.ibmcloud.com/vulnerabilities/7845