VAR-200312-0483
Vulnerability from variot - Updated: 2023-12-18 13:40The backup configuration file for Microsoft MN-500 wireless base station stores administrative passwords in plaintext, which allows local users to gain access. A weakness has been reported for the MN-500 device that may result in the disclosure of administrative credentials to remote attackers. Microsoft MN-500 is a wireless access device that supports 802.11B wireless network. According to the report, the problem is that the backup configuration file stores the administrator password in clear text, and the attacker can control the entire device by querying the backup file to obtain authentication information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200312-0483",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mn-500 wireless base station",
"scope": "eq",
"trust": 1.0,
"vendor": "microsoft",
"version": "*"
},
{
"model": "mn-500 wireless base station",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "mn-500",
"scope": null,
"trust": 0.3,
"vendor": "microsoft",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "7496"
},
{
"db": "NVD",
"id": "CVE-2003-1482"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:microsoft:mn-500_wireless_base_station:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1482"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Paul Kurczaba\u203b pkurczaba@att.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
],
"trust": 0.6
},
"cve": "CVE-2003-1482",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-8307",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-1482",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200312-162",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-8307",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8307"
},
{
"db": "NVD",
"id": "CVE-2003-1482"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The backup configuration file for Microsoft MN-500 wireless base station stores administrative passwords in plaintext, which allows local users to gain access. A weakness has been reported for the MN-500 device that may result in the disclosure of administrative credentials to remote attackers. Microsoft MN-500 is a wireless access device that supports 802.11B wireless network. According to the report, the problem is that the backup configuration file stores the administrator password in clear text, and the attacker can control the entire device by querying the backup file to obtain authentication information",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1482"
},
{
"db": "BID",
"id": "7496"
},
{
"db": "VULHUB",
"id": "VHN-8307"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "7496",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1006691",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2003-1482",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200312-162",
"trust": 0.7
},
{
"db": "NSFOCUS",
"id": "4775",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-8307",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8307"
},
{
"db": "BID",
"id": "7496"
},
{
"db": "NVD",
"id": "CVE-2003-1482"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
]
},
"id": "VAR-200312-0483",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8307"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:40:58.252000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8307"
},
{
"db": "NVD",
"id": "CVE-2003-1482"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/7496"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1006691"
},
{
"trust": 1.1,
"url": "http://www.kurczaba.com/html/security/0305031.htm"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/4775"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com/hardware/broadbandnetworking/wirelessbasestation.aspx"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8307"
},
{
"db": "BID",
"id": "7496"
},
{
"db": "NVD",
"id": "CVE-2003-1482"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-8307"
},
{
"db": "BID",
"id": "7496"
},
{
"db": "NVD",
"id": "CVE-2003-1482"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-8307"
},
{
"date": "2003-05-03T00:00:00",
"db": "BID",
"id": "7496"
},
{
"date": "2003-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2003-1482"
},
{
"date": "2003-05-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-8307"
},
{
"date": "2003-05-03T00:00:00",
"db": "BID",
"id": "7496"
},
{
"date": "2008-09-05T20:37:03.260000",
"db": "NVD",
"id": "CVE-2003-1482"
},
{
"date": "2003-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Microsoft MN-500 Clear text password disclosure vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200312-162"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…