Vulnerability Details CVE-2004-2357
The embedded MySQL 4.0 server for Proofpoint Protection Server does not require a password for the root user of MySQL, which allows remote attackers to read or modify the backend database.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.4%
CVSS Severity
CVSS v2 Score 6.4
References
- http://marc.info/?l=full-disclosure&m=107745676915297&w=2
- http://marc.info/?l=full-disclosure&m=107752568009182&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15280
- http://marc.info/?l=full-disclosure&m=107745676915297&w=2
- http://marc.info/?l=full-disclosure&m=107752568009182&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15280
Products affected by CVE-2004-2357
-
cpe:2.3:a:proofpoint:proofpoint_protection_server:*