CVE-2002-0870 : The original patch for the Cisco Content Service Switch 11000 Series authenticat

The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.

Published 2002-09-05 04:00:00

Updated 2008-09-05 20:29:11

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2002-0870

Cisco » Content Services Switch 11000
cpe:2.3:h:cisco:content_services_switch_11000:*:*:*:*:*:*:*:*
Matching versions
Cisco » Webns
cpe:2.3:a:cisco:webns:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2002-0870

EPSS FAQ

0.46%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 62 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2002-0870

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2002-0870

http://www.cisco.com/warp/public/707/arrowpoint-webmgmt-vuln-pub.shtml

Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2002-0870

Products affected by CVE-2002-0870

Exploit prediction scoring system (EPSS) score for CVE-2002-0870

CVSS scores for CVE-2002-0870

References for CVE-2002-0870