Vulnerability Details CVE-2002-0706
UserManager.js in the Web Reports Server for SurfControl SuperScout WebFilter uses weak encryption for administrator functions, which allows remote attackers to decrypt the administrative password using a hard-coded key in a Javascript function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=103359690824103&w=2
- http://www.iss.net/security_center/static/10247.php
- http://www.osvdb.org/3491
- http://www.westpoint.ltd.uk/advisories/wp-02-0005.txt
- http://marc.info/?l=bugtraq&m=103359690824103&w=2
- http://www.iss.net/security_center/static/10247.php
- http://www.osvdb.org/3491
- http://www.westpoint.ltd.uk/advisories/wp-02-0005.txt
Products affected by CVE-2002-0706
-
cpe:2.3:a:surfcontrol:superscout_web_filter:3.0
-
cpe:2.3:a:surfcontrol:superscout_web_filter:3.0.3
-
cpe:2.3:a:surfcontrol:web_filter:4.0
-
cpe:2.3:a:surfcontrol:web_filter:4.1