9.8
CVE-2001-0395
- EPSS 1.91%
- Veröffentlicht 02.07.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:13
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginLightwave ConsoleServer 3200 does not disconnect users after unsuccessful login attempts, which could allow remote attackers to conduct brute force password guessing.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Lightwavemo ≫ Consoleserver 3200 Firmware Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.91% | 0.771 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-307 Improper Restriction of Excessive Authentication Attempts
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
http://archives.neohapsis.com/archives/bugtraq/2001-04/0170.html
http://www.securityfocus.com/bid/2578