CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2001-1463

The remote administration client for RhinoSoft Serv-U 3.0 sends the user password in plaintext even when S/KEY One-Time Password (OTP) authentication is enabled, which allows remote attackers to sniff passwords.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 76.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://securitytracker.com/id?1002882
http://www.kb.cert.org/vuls/id/279763
https://exchange.xforce.ibmcloud.com/vulnerabilities/7925
http://securitytracker.com/id?1002882
http://www.kb.cert.org/vuls/id/279763
https://exchange.xforce.ibmcloud.com/vulnerabilities/7925

Products affected by CVE-2001-1463

Solarwinds » Serv-U File Server » Version: 3.0.0.16

cpe:2.3:a:solarwinds:serv-u_file_server:3.0.0.16
Solarwinds » Serv-U File Server » Version: 3.0.0.17

cpe:2.3:a:solarwinds:serv-u_file_server:3.0.0.17

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2001-1463

Products

Pricing

Contact Us