Vulnerability Details CVE-2003-1386
AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.04
EPSS Ranking 87.8%
CVSS Severity
CVSS v2 Score 6.4
References
- http://archives.neohapsis.com/archives/bugtraq/2003-02/0377.html
- http://archives.neohapsis.com/archives/bugtraq/2003-03/0370.html
- http://www.securityfocus.com/bid/6980
- http://www.websec.org/adv/axis2400.txt.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11440
- http://archives.neohapsis.com/archives/bugtraq/2003-02/0377.html
- http://archives.neohapsis.com/archives/bugtraq/2003-03/0370.html
- http://www.securityfocus.com/bid/6980
- http://www.websec.org/adv/axis2400.txt.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11440
Products affected by CVE-2003-1386
-
cpe:2.3:h:axis:2400_video_server:2.0
-
cpe:2.3:h:axis:2400_video_server:2.20
-
cpe:2.3:h:axis:2400_video_server:2.31
-
cpe:2.3:h:axis:2400_video_server:2.32
-
cpe:2.3:h:axis:2400_video_server:2.33
-
cpe:2.3:h:axis:2401_video_server:2.20
-
cpe:2.3:h:axis:2401_video_server:2.31
-
cpe:2.3:h:axis:2401_video_server:2.32
-
cpe:2.3:h:axis:2401_video_server:2.33