Vulnerability Details : CVE-2005-0868
Potential exploit
AS/400 Telnet 5250 terminal emulation clients, as implemented by (1) IBM client access, (2) Bosanova, (3) PowerTerm, (4) Mochasoft, and possibly other emulations, allows malicious AS/400 servers to execute arbitrary commands via a STRPCO (Start PC Organizer) command followed by STRPCCMD (Start PC command), as demonstrated by creating a backdoor account using REXEC.
Products affected by CVE-2005-0868
- cpe:2.3:a:ibm:client_access:*:*:*:*:*:*:*:*
- cpe:2.3:a:bosanova:launcher400:*:*:*:*:*:*:*:*
- cpe:2.3:a:mochasoft:tn5250:*:*:*:*:*:*:*:*
- cpe:2.3:a:powerterm:interconnect:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-0868
0.97%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2005-0868
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-0868
Jump to