6
CVE-2003-0904
- EPSS 14.16%
- Veröffentlicht 20.01.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Exchange Server Version2003 Update-
Microsoft ≫ Sharepoint Services Version2.0
Microsoft ≫ Windows Server 2003 SwEditionenterprise HwPlatformx64
Microsoft ≫ Windows Server 2003 Version- SwEditiondatacenter HwPlatformx64
Microsoft ≫ Windows Server 2003 Version- SwEditionstandard HwPlatformx64
Microsoft ≫ Windows Server 2003 Version- SwEditionweb
Microsoft ≫ Windows Server 2003 Versionr2 HwPlatformx64
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 14.16% | 0.942 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6 | 6.8 | 6.4 |
AV:N/AC:M/Au:S/C:P/I:P/A:P
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.