Vulnerability Details CVE-2002-0769
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.055
EPSS Ranking 89.8%
CVSS Severity
CVSS v2 Score 6.4
References
- http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html
- http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml
- http://www.iss.net/security_center/static/9056.php
- http://www.iss.net/security_center/static/9057.php
- http://www.securityfocus.com/bid/4711
- http://www.securityfocus.com/bid/4712
- http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html
- http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml
- http://www.iss.net/security_center/static/9056.php
- http://www.iss.net/security_center/static/9057.php
- http://www.securityfocus.com/bid/4711
- http://www.securityfocus.com/bid/4712