| Vulnerability Name: | CCN-12438 | ||||||
| Published: | 2003-06-24 | ||||||
| Updated: | 2003-06-24 | ||||||
| Summary: | NetScreen could allow a remote attacker to gain unauthorized access to protected resources and services, caused by a vulnerability in the authentication mechanism, which authenticates users based on the source IP address only. If a user with a valid account authenticates to a vulnerable system, a remote attacker with the same source IP address can gain unauthorized access to the system without authenticating. | ||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||
| CVSS v2 Severity: | 5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||
| Vulnerability Consequences: | Bypass Security | ||||||
| References: | Source: CCN Type: BugTraq Mailing List, Tue Jun 24 2003 - 23:14:40 CDT Authentication Vulnerability in NetScreen ScreenOS Source: CCN Type: BID-8033 NetScreen ScreenOS Same Source IP Authentication Vulnerability Source: XF Type: UNKNOWN netscreen-screenos-auth-bypass(12438) | ||||||
| Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||
| BACK | |||||||