CVE-2002-0235
Published May 29, 2002
Last updated 16 years ago
Overview
- Description
- Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes Faxpress to leak the correct username and password in plaintext in an error event.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:castelle:faxpress:6.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9E10A9D-97BF-45A3-A590-2A739054B543"
}
],
"operator": "OR"
}
]
}
]