Vulnerability Details CVE-2004-1609
SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote attackers to gain access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0661.html
- http://marc.info/?l=bugtraq&m=109811852218478&w=2
- http://secunia.com/advisories/12883
- http://securitytracker.com/id?1011769
- http://www.osvdb.org/10946
- http://www.securityfocus.com/bid/11450
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17753
- http://archives.neohapsis.com/archives/fulldisclosure/2004-10/0661.html
- http://marc.info/?l=bugtraq&m=109811852218478&w=2
- http://secunia.com/advisories/12883
- http://securitytracker.com/id?1011769
- http://www.osvdb.org/10946
- http://www.securityfocus.com/bid/11450
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17753
Products affected by CVE-2004-1609
-
cpe:2.3:a:best_software:saleslogix:*
-
cpe:2.3:a:saleslogix_corporation:saleslogix:2000.0