CVE-2004-0939

EPSS 0.86%
Published 09.02.2005 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

changepassword.cgi in Neoteris Instant Virtual Extranet (IVE) 3.x and 4.x, with LDAP authentication or NT domain authentication enabled, does not limit the number of times a bad password can be entered, which allows remote attackers to guess passwords via a brute force attack.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Neoteris ≫ Instant Virtual Extranet

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.86%	0.729

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://marc.info/?l=bugtraq&m=109709990708794&w=2

http://secunia.com/advisories/12752

http://securitytracker.com/id?1011552

http://www.gosecure.ca/SecInfo/gosecure-2004-10.txt

http://www.osvdb.org/8365

https://exchange.xforce.ibmcloud.com/vulnerabilities/17629

https://nvd.nist.gov/vuln/detail/CVE-2004-0939

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0939

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0939

EUVD