cvelistv5 - cve-2004-2455

CVE-2004-2455 (GCVE-0-2004-2455)

Vulnerability from cvelistv5 – Published: 2005-08-20 04:00 – Updated: 2024-08-08 01:29

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/10339	vdb-entryx_refsource_BID
	http://www.osvdb.org/6109	vdb-entryx_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/11603	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/alerts/2004/May/10…	vdb-entryx_refsource_SECTRACK
	http://archives.neohapsis.com/archives/fulldisclo…	mailing-listx_refsource_FULLDISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:29:13.619Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10339",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10339"
          },
          {
            "name": "6109",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/6109"
          },
          {
            "name": "sweex-router-obtain-information(16140)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"
          },
          {
            "name": "11603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11603"
          },
          {
            "name": "1010143",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/alerts/2004/May/1010143.html"
          },
          {
            "name": "20040512 Sweex 802.11g router/accesspoint config disclosure / remote config",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-05-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10339",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10339"
        },
        {
          "name": "6109",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/6109"
        },
        {
          "name": "sweex-router-obtain-information(16140)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"
        },
        {
          "name": "11603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11603"
        },
        {
          "name": "1010143",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/alerts/2004/May/1010143.html"
        },
        {
          "name": "20040512 Sweex 802.11g router/accesspoint config disclosure / remote config",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2455",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10339",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10339"
            },
            {
              "name": "6109",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/6109"
            },
            {
              "name": "sweex-router-obtain-information(16140)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"
            },
            {
              "name": "11603",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11603"
            },
            {
              "name": "1010143",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/alerts/2004/May/1010143.html"
            },
            {
              "name": "20040512 Sweex 802.11g router/accesspoint config disclosure / remote config",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2455",
    "datePublished": "2005-08-20T04:00:00",
    "dateReserved": "2005-08-20T00:00:00",
    "dateUpdated": "2024-08-08T01:29:13.619Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:sweex:wireless_broadband_router_accesspoint_802.11g:lc000060:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5160B3B9-7022-48D8-825A-B999D4821737\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file.\"}]",
      "id": "CVE-2004-2455",
      "lastModified": "2024-11-20T23:53:23.923",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
      "published": "2004-12-31T05:00:00.000",
      "references": "[{\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/11603\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/6109\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/10339\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/alerts/2004/May/1010143.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/16140\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/11603\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/6109\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/10339\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/alerts/2004/May/1010143.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/16140\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-2455\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-12-31T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:sweex:wireless_broadband_router_accesspoint_802.11g:lc000060:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5160B3B9-7022-48D8-825A-B999D4821737\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/11603\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/6109\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/10339\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/alerts/2004/May/1010143.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/16140\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/11603\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/6109\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/10339\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/alerts/2004/May/1010143.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/16140\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-200412-0301

Vulnerability from variot - Updated: 2023-12-18 13:26

Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file. It has been reported that Sweex Wireless Broadband Router/Access Point is prone to a vulnerability that may allow a remote attacker to gain unauthorized access to a vulnerable access point. It has been reported that the access point has a TFTP service running that is enabled by default. Successful exploitation of this issue may allow a remote attacker to gain access to sensitive information that could eventually allow an attacker to completely compromise the access point. Sweex Wireless Broadband Router/Access Point 11g is reported to be prone to this issue. TITLE: Sweex Wireless Broadband Router Exposure of Configuration

SECUNIA ADVISORY ID: SA11603

VERIFY ADVISORY: http://secunia.com/advisories/11603/

CRITICAL: Moderately critical

IMPACT: Exposure of system information, Exposure of sensitive information

WHERE:

From local network

OPERATING SYSTEM: Sweex Wireless Broadband Router/ Acces Point 11g

DESCRIPTION: Mark Janssen has reported a vulnerability in Sweex Wireless Broadband Router/Accesspoint, allowing malicious people to gain knowledge of the configuration. This allows anyone with access to the network to download configuration files, including a file containing usernames and passwords.

Reportedly, the tftp service can't be disabled.

Other Sweex products may also be affected.

SOLUTION: Do not use the device on networks with untrusted users.

PROVIDED AND/OR DISCOVERED BY: Mark Janssen

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200412-0301",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wireless broadband router accesspoint 802.11g",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sweex",
        "version": "lc000060"
      },
      {
        "model": "broadband router/acces point 11g",
        "scope": null,
        "trust": 0.3,
        "vendor": "sweex",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "10339"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:sweex:wireless_broadband_router_accesspoint_802.11g:lc000060:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Discovery is credited to Mark Janssen.",
    "sources": [
      {
        "db": "BID",
        "id": "10339"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2004-2455",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": true,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-10883",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2004-2455",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200412-545",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-10883",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file. It has been reported that Sweex Wireless Broadband Router/Access Point is prone to a vulnerability that may allow a remote attacker to gain unauthorized access to a vulnerable access point.  It has been reported that the access point has a TFTP service running that is enabled by default. \nSuccessful exploitation of this issue may allow a remote attacker to gain access to sensitive information that could eventually allow an attacker to completely compromise the access point. \nSweex Wireless Broadband Router/Access Point 11g is reported to be prone to this issue. \nTITLE:\nSweex Wireless Broadband Router Exposure of Configuration\n\nSECUNIA ADVISORY ID:\nSA11603\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/11603/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nExposure of system information, Exposure of sensitive information\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nSweex Wireless Broadband Router/ Acces Point 11g\n\nDESCRIPTION:\nMark Janssen has reported a vulnerability in Sweex Wireless Broadband\nRouter/Accesspoint, allowing malicious people to gain knowledge of\nthe configuration. This allows anyone with access to the network\nto download configuration files, including a file containing\nusernames and passwords. \n\nReportedly, the tftp service can\u0027t be disabled. \n\nOther Sweex products may also be affected. \n\nSOLUTION:\nDo not use the device on networks with untrusted users. \n\nPROVIDED AND/OR DISCOVERED BY:\nMark Janssen\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "BID",
        "id": "10339"
      },
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "db": "PACKETSTORM",
        "id": "33331"
      }
    ],
    "trust": 1.35
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "10339",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "11603",
        "trust": 1.8
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1010143",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "6109",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "16140",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20040512 SWEEX 802.11G ROUTER/ACCESSPOINT CONFIG DISCLOSURE / REMOTE CONFIG",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "6438",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-10883",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "33331",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "db": "BID",
        "id": "10339"
      },
      {
        "db": "PACKETSTORM",
        "id": "33331"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "id": "VAR-200412-0301",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:26:07.190000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/10339"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/6109"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/alerts/2004/may/1010143.html"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/11603"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/16140"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/6438"
      },
      {
        "trust": 0.3,
        "url": "http://www.sweex.com/product.asp?pid=288"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet@packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/11603/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "db": "BID",
        "id": "10339"
      },
      {
        "db": "PACKETSTORM",
        "id": "33331"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "db": "BID",
        "id": "10339"
      },
      {
        "db": "PACKETSTORM",
        "id": "33331"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-12-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "date": "2004-05-13T00:00:00",
        "db": "BID",
        "id": "10339"
      },
      {
        "date": "2004-05-13T23:19:00",
        "db": "PACKETSTORM",
        "id": "33331"
      },
      {
        "date": "2004-12-31T05:00:00",
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "date": "2004-05-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-10883"
      },
      {
        "date": "2004-05-13T00:00:00",
        "db": "BID",
        "id": "10339"
      },
      {
        "date": "2017-07-11T01:31:54.747000",
        "db": "NVD",
        "id": "CVE-2004-2455"
      },
      {
        "date": "2005-10-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Sweex Wireless broadband router /AP Unauthorized access vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "access verification error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200412-545"
      }
    ],
    "trust": 0.6
  }
}

GHSA-2VWC-94Q4-MQWR

Vulnerability from github – Published: 2022-04-29 03:01 – Updated: 2022-04-29 03:01

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2004-2455"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2004-12-31T05:00:00Z",
    "severity": "HIGH"
  },
  "details": "Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file.",
  "id": "GHSA-2vwc-94q4-mqwr",
  "modified": "2022-04-29T03:01:27Z",
  "published": "2022-04-29T03:01:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2004-2455"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"
    },
    {
      "type": "WEB",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/11603"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/6109"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/10339"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/alerts/2004/May/1010143.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2004-2455

Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/11603	Vendor Advisory
cve@mitre.org	http://www.osvdb.org/6109
cve@mitre.org	http://www.securityfocus.com/bid/10339
cve@mitre.org	http://www.securitytracker.com/alerts/2004/May/1010143.html
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/16140
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/11603	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/6109
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/10339
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/alerts/2004/May/1010143.html
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/16140

Impacted products

	Vendor	Product	Version
	sweex	wireless_broadband_router_accesspoint_802.11g	lc000060

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sweex:wireless_broadband_router_accesspoint_802.11g:lc000060:*:*:*:*:*:*:*",
              "matchCriteriaId": "5160B3B9-7022-48D8-825A-B999D4821737",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file."
    }
  ],
  "id": "CVE-2004-2455",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/11603"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/6109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/10339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/alerts/2004/May/1010143.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/11603"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/6109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/10339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/alerts/2004/May/1010143.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2004-2455

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2004-2455

Aliases

CVE-2004-2455

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2004-2455",
    "description": "Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file.",
    "id": "GSD-2004-2455"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2004-2455"
      ],
      "details": "Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file.",
      "id": "GSD-2004-2455",
      "modified": "2023-12-13T01:22:55.081863Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2004-2455",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "10339",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/10339"
          },
          {
            "name": "6109",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/6109"
          },
          {
            "name": "sweex-router-obtain-information(16140)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"
          },
          {
            "name": "11603",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/11603"
          },
          {
            "name": "1010143",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/alerts/2004/May/1010143.html"
          },
          {
            "name": "20040512 Sweex 802.11g router/accesspoint config disclosure / remote config",
            "refsource": "FULLDISC",
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:sweex:wireless_broadband_router_accesspoint_802.11g:lc000060:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2455"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040512 Sweex 802.11g router/accesspoint config disclosure / remote config",
              "refsource": "FULLDISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html"
            },
            {
              "name": "10339",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/10339"
            },
            {
              "name": "6109",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/6109"
            },
            {
              "name": "1010143",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/alerts/2004/May/1010143.html"
            },
            {
              "name": "11603",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/11603"
            },
            {
              "name": "sweex-router-obtain-information(16140)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16140"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": true,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-11T01:31Z",
      "publishedDate": "2004-12-31T05:00Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2004-2455 (GCVE-0-2004-2455)

VAR-200412-0301

GHSA-2VWC-94Q4-MQWR

FKIE_CVE-2004-2455

GSD-2004-2455

Tags

Sightings

Nomenclature