Vulnerability Details CVE-2002-1769
Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.288
EPSS Ranking 96.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0033.html
- http://online.securityfocus.com/advisories/3843
- http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3BQ248840
- http://www.securityfocus.com/bid/3998
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8048
- http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0033.html
- http://online.securityfocus.com/advisories/3843
- http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3BQ248840
- http://www.securityfocus.com/bid/3998
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8048
Products affected by CVE-2002-1769
-
cpe:2.3:a:microsoft:site_server:3.0
-
cpe:2.3:a:microsoft:site_server_commerce:3.0