CVE-2003-0512
Published Aug 27, 2003
Last updated 7 years ago
Overview
- Description
- Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-310
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(24\\)s1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3630462-F414-4D6B-8766-7CED5366C852"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.0\\(24.2\\)s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C3E9A9A-B80F-43BD-8A63-762B60D6DBE3"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(11\\)ja1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F7E536B-DD9A-4F46-B8C1-F29DC3298972"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14.5\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9802FF68-2932-42F6-B66F-545A59FB5EB7"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(14.5\\)t:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E51D01E-F3CB-4413-985E-D72F71D7B423"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15\\)zn:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "776DCDA0-839D-4EA2-8C0C-D28E897C1E71"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(15.1\\)s:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C4B7EF3-FD99-4CCD-B05A-807EE53A58BE"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(16\\)b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF6730C6-1387-4A52-8778-7FC144134AC6"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2\\(16.1\\)b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB1A7354-F886-427D-943A-388824100550"
}
],
"operator": "OR"
}
]
}
]