Vulnerability Name:

CVE-2004-0477 (CCN-16267)

Assigned:2004-05-27
Published:2004-05-27
Updated:2017-07-11
Summary:Unknown vulnerability in 3Com OfficeConnect Remote 812 ADSL Router allows remote attackers to bypass authentication via repeated attempts using any username and password.
Note: this identifier was inadvertently re-used for another issue due to a typo; that issue was assigned CVE-2004-0447. This candidate is ONLY for the ADSL router bypass.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2004-0477

Source: CCN
Type: SA11716
3Com OfficeConnect 812 ADSL Router Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
11716

Source: IDEFENSE
Type: Patch, Vendor Advisory
20040527 iDEFENSE Security Advisory 05.27.04: 3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability

Source: CCN
Type: iDEFENSE Security Advisory 05.27.04
3Com OfficeConnect Remote 812 ADSL Router Authentication Bypass Vulnerability

Source: CCN
Type: OSVDB ID: 8198
Linux Kernel Unspecified IA64 Local DoS

Source: BID
Type: Patch, Vendor Advisory
10426

Source: CCN
Type: BID-10426
3Com OfficeConnect Remote 812 ADSL Router Web Interface Authentication Bypass Vulnerability

Source: XF
Type: UNKNOWN
3com-officeconnect-gain-access(16267)

Source: XF
Type: UNKNOWN
3com-officeconnect-gain-access(16267)

Vulnerable Configuration:Configuration 1:
  • cpe:/h:3com:3cp4144:*:*:*:*:*:*:*:*
  • OR cpe:/h:3com:3cp4144:1.1.9.4:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/h:3com:3cp4144:-:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    3com 3cp4144 *
    3com 3cp4144 1.1.9.4
    3com 3cp4144 -