Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2002-0870 | First vendor Publication | 2002-09-05 |
Vendor | Cve | Last vendor Modification | 2008-09-05 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0870 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-56 | Removing/short-circuiting 'guard logic' |
CWE : Common Weakness Enumeration
% | Id | Name |
---|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Hardware | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
1848 | Cisco CSS Web Management Authentication Bypass WebNS contains a flaw that may allow a malicious user to gain access to administrative privileges. The issue is triggered when an attackers navigates directly to the web management URL, instead of navigating through the interface. It is possible that the flaw may allow administrative control of the device resulting in a loss of confidentiality, integrity, and/or availability. |
Sources (Detail)
Source | Url |
---|---|
CISCO | http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml |
Alert History
Date | Informations |
---|---|
2021-05-04 12:01:43 |
|
2021-04-22 01:01:51 |
|
2020-05-23 00:15:02 |
|
2013-05-11 12:10:51 |
|