Vulnerability Name: | CVE-2005-3344 (CCN-24576) | ||||||||
Assigned: | 2005-11-07 | ||||||||
Published: | 2005-11-07 | ||||||||
Updated: | 2017-07-11 | ||||||||
Summary: | The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access. | ||||||||
CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C) 8.7 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:H/RL:OF/RC:C)
6.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: MITRE Type: CNA CVE-2005-3344 Source: DEBIAN Type: Patch, Vendor Advisory DSA-884 Source: DEBIAN Type: DSA-884 horde3 -- design error Source: CCN Type: Horde Web site The Horde Application Framework Source: MISC Type: UNKNOWN http://www.networkscanning.com/Horde-Default-Admin-Password-Vulnerability-VSS_20171.html Source: OSVDB Type: UNKNOWN 24117 Source: CCN Type: OSVDB ID: 24117 Horde Admin Account Default Null Password Source: CCN Type: BID-15337 Debian Horde Default Administrator Password Vulnerability Source: BID Type: Patch 15337 Source: XF Type: UNKNOWN horde-default-account(24576) Source: XF Type: UNKNOWN horde-default-account(24576) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |