CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2079

Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://genhex.org/releases/031003.txt
http://marc.info/?l=full-disclosure&m=107635119005407&w=2
http://securitytracker.com/id?1009001
http://www.osvdb.org/3952
http://www.securiteam.com/securitynews/5SP0C0KC0A.html
http://www.securityfocus.com/archive/1/353211
http://www.securityfocus.com/bid/9618
https://exchange.xforce.ibmcloud.com/vulnerabilities/15088
http://genhex.org/releases/031003.txt
http://marc.info/?l=full-disclosure&m=107635119005407&w=2
http://securitytracker.com/id?1009001
http://www.osvdb.org/3952
http://www.securiteam.com/securitynews/5SP0C0KC0A.html
http://www.securityfocus.com/archive/1/353211
http://www.securityfocus.com/bid/9618
https://exchange.xforce.ibmcloud.com/vulnerabilities/15088

Products affected by CVE-2004-2079

Red-M » Red-Alert » Version: 2.7.5_v3.1_build_24

cpe:2.3:h:red-m:red-alert:2.7.5_v3.1_build_24

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2079

Products

Pricing

Contact Us