CVE-2008-5124

Published Nov 18, 2008

Last updated 6 years ago

CVSS info 7.5

Overview

Description: JSCAPE Secure FTP Applet 4.8.0 and earlier does not ask the user to verify a new or mismatched SSH host key, which makes it easier for remote attackers to perform man-in-the-middle attacks.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-287

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30A65AD9-1D98-48E0-B7EF-7E1FB47C97F5",
            "versionEndIncluding": "4.8.0"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D73D5E2-38CD-4342-A064-C847738F7140"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5138FA13-1943-4308-89DA-46BF5AE9DD3B"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28009D43-E7AB-4D71-9FE7-1771E75D5735"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F5AE2D4-5D40-4414-93C0-63FD13FC782C"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF576BB4-BFDB-4481-A886-314C7B16B0BB"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5707E8E4-F4E9-4D87-BE87-571C9D062617"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE7B8DF4-2E5C-4487-B0A7-2B1CBA3A484D"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BC6BB45-A0AE-4CFC-9987-23CD144403E1"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE591237-63D6-42D4-ACCF-23880ABBE1A0"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FB79624-E5FE-4F4F-AF3F-22058D687A80"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15EE5E9A-F960-4B96-AE7F-0C25FF3C63D6"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A14E83A6-CAFA-48A9-8C0A-B1E23FFC44B6"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B9FEEE0-CE4B-4EC6-904E-B559437BC9F8"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:3.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "216F6B93-4F99-4A4F-BCF5-61B83A7E2A76"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:3.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88B5DE37-BE3C-4990-926C-40C179B68A6C"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F830A41C-7442-4A41-AE65-95EFAE083C84"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:4.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52DE1596-15C9-4697-B607-AD96DB337C2E"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:4.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C2A1C6F-18F1-4F29-8698-30B31482465C"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:4.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50967251-A251-4D2A-805B-9AC8DD7ED564"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:4.5.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D153F840-80F9-44DB-A1A4-6C0DF8F75E00"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:4.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB349AD0-49F0-4293-AEBD-85AAE7D915FD"
          },
          {
            "criteria": "cpe:2.3:a:jscape:secure_ftp_applet:4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DAB78588-E150-4E4E-8C56-FBEFDD1FDD34"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References