VAR-200308-0077
Vulnerability from variot - Updated: 2025-04-03 22:27Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge. A vulnerability in the Cisco Aironet 1100 Series Access Point may allow a remote attacker to discover valid accounts on the access point. Cisco IOS Specific versions of telnet There is a vulnerability that the response of the authentication result varies depending on the user name when password authentication is performed via.Depending on the response, it may be possible to infer whether the user exists. An information leak has been reported in Cisco Aironet Access Points when the telnet service has been enabled. This may allow a remote attacker to gain potentially sensitive information. If it is illegal, it will prompt the \"\% Login invalid\" message. VIGILANTe Security Watch Advisory
Name: Cisco Aironet AP1100 Valid Account Disclosure Vulnerability Systems Affected: Tested on a Cisco Aironet AP1100 Model 1120B Series Wireless device. Firmware version 12.2(4)JA and earlier. NB : A large number of Cisco IOSes are affected by this flaw. Severity: High Risk Vendor URL: http://www.vigilante.com Authors: Reda Zitouni (reda.zitouni@vigilante.com) Date: 28th July 2003 Advisory Code: VIGILANTE-2003002
Description
Cisco Aironet 1100 Series Access Point is a device manufactured by Cisco Systems offering a WLAN solution based on the 802.11b Wifi standard. The Aironet Bridge is vulnerable to a Brute Force attack revealing if an account exists or not.
If an attacker submits an existing account as login he will be then prompted for the password. If not the case a ""% Login invalid" reply will be displayed by the server, revealing the account is not existing. By default on the Aironet AP1100, the 'cisco' account is set and is prompted for a password when submitted. That default account then allows an attacker to determine if this flaw on the remote device is patched or not. This may lead to further serious attacks.
Vendor status:
Cisco was contacted June 19, 2003 and answered the same day. 5 days later, they told us that they would release a patch soon. The patch was finally released July 3, 2003. Please note that this flaw is released by Cisco as a Security Notice in CCO.
Vulnerability Assessment:
A test case to detect this vulnerability was added to SecureScan NX in the upgrade package of July 28, 2003. You can see the documentation of this test case 15438 on SecureScan NX web site at http://securescannx.vigilante.com/tc/15438. Fix: A firmware upgrading the Aironet IOS version to c1100-k9w7 has been released by Cisco. Please note that this version fixes some other bugs as TC 17655 (refer to release note). A stronger authentication mechanism, such as SSH can also be implemented.
CVE: Common Vulnerabilities and Exposures group ( reachable at http://cve.mitre.org/ ) was contacted and assigned CAN-2003-0512 to this vulnerability.
Links:
Cisco Advisory: http://www.cisco.com/warp/public/707/cisco-sn-20030724-ios-enum.shtml Vigilante Advisory: http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003002.htm Product Homepage: http://www.cisco.com/warp/public/cc/pd/witc/ps4570 CVE: CAN-2003-0512 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-CAN-2003-0512
Credit:
This vulnerability was discovered by Reda Zitouni, member of our Security Watch Team at VIGILANTe. We wish to thank Cisco PSIRT Team for their fast answer to fix this problem. Copyright VIGILANTe.com, Inc. 2003-07-28
Disclaimer:
The information within this document may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any consequences whatsoever arising out of or in connection with the use or spread of this information. Any use of this information lays within the user's responsibility.
Feedback:
Please send suggestions, updates, and comments to securitywatch@vigilante.com
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200308-0077",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.0\\(24\\)s1"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(11\\)ja1"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(16.1\\)b"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(16\\)b"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(14.5\\)"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(15.1\\)s"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(15\\)zn"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.0\\(24.2\\)s"
},
{
"model": "ios",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "12.2\\(14.5\\)t"
},
{
"model": "ios 12.2 ja",
"scope": null,
"trust": 0.9,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.0"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.1"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios 12.2 ja1",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 b",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 zn",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.2 t",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "12.2(14.5)"
},
{
"model": "ios 12.0 s",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "ios 12.0 s1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#886796"
},
{
"db": "BID",
"id": "8292"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000233"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-156"
},
{
"db": "NVD",
"id": "CVE-2003-0512"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:cisco:ios",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000233"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Reda Zitouni\u203b reda.zitouni@vigilante.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200308-156"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0512",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2003-0512",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-7340",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2003-0512",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#886796",
"trust": 0.8,
"value": "4.80"
},
{
"author": "NVD",
"id": "CVE-2003-0512",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200308-156",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-7340",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#886796"
},
{
"db": "VULHUB",
"id": "VHN-7340"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000233"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-156"
},
{
"db": "NVD",
"id": "CVE-2003-0512"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IOS 12.2 and earlier generates a \"% Login invalid\" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge. A vulnerability in the Cisco Aironet 1100 Series Access Point may allow a remote attacker to discover valid accounts on the access point. Cisco IOS Specific versions of telnet There is a vulnerability that the response of the authentication result varies depending on the user name when password authentication is performed via.Depending on the response, it may be possible to infer whether the user exists. An information leak has been reported in Cisco Aironet Access Points when the telnet service has been enabled. This may allow a remote attacker to gain potentially sensitive information. If it is illegal, it will prompt the \\\"\\\\% Login invalid\\\" message. VIGILANTe Security Watch Advisory\n \nName: Cisco Aironet AP1100 Valid Account Disclosure Vulnerability\nSystems Affected: Tested on a Cisco Aironet AP1100 Model 1120B Series\nWireless device. \nFirmware version 12.2(4)JA and earlier. \nNB : A large number of Cisco IOSes are affected by this flaw. \nSeverity: High Risk\nVendor URL: http://www.vigilante.com\nAuthors: Reda Zitouni (reda.zitouni@vigilante.com)\nDate: 28th July 2003\nAdvisory Code: VIGILANTE-2003002\n \nDescription\n***********\nCisco Aironet 1100 Series Access Point is a device manufactured by Cisco\nSystems offering a WLAN solution based on the 802.11b Wifi standard. \nThe Aironet Bridge is vulnerable to a Brute Force attack revealing if an\naccount exists or not. \n \nIf an attacker submits an existing account as login he will be then\nprompted for the password. If not the case a \"\"% Login invalid\" reply\nwill be displayed by the server, revealing the account is not existing. \nBy default on the Aironet AP1100, the \u0027cisco\u0027 account is set and is\nprompted for a password when submitted. That default account then allows\nan attacker to determine if this flaw on the remote device is patched or\nnot. This may lead to further serious attacks. \n \n\nVendor status:\n**************\nCisco was contacted June 19, 2003 and answered the same day. 5 days\nlater, they told us that they would release a patch soon. The patch was\nfinally released July 3, 2003. Please note that this flaw is released by\nCisco as a Security Notice in CCO. \n \nVulnerability Assessment:\n************************\nA test case to detect this vulnerability was added to SecureScan NX in\nthe upgrade package of July 28, 2003. You can see the documentation of\nthis test case 15438 on SecureScan NX web site at\nhttp://securescannx.vigilante.com/tc/15438. \nFix: A firmware upgrading the Aironet IOS version to c1100-k9w7 has\nbeen released by Cisco. Please note that this version fixes some other\nbugs as TC 17655 (refer to release note). A\nstronger authentication mechanism, such as SSH can also be implemented. \n \nCVE: Common Vulnerabilities and Exposures group ( reachable at\nhttp://cve.mitre.org/ ) was contacted and assigned CAN-2003-0512 to this\nvulnerability. \n \nLinks:\n*****\nCisco Advisory:\nhttp://www.cisco.com/warp/public/707/cisco-sn-20030724-ios-enum.shtml\nVigilante Advisory:\nhttp://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003002.htm\nProduct Homepage: http://www.cisco.com/warp/public/cc/pd/witc/ps4570\nCVE: CAN-2003-0512\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-CAN-2003-0512\n \n\nCredit:\n******\nThis vulnerability was discovered by Reda Zitouni, member of our\nSecurity Watch Team at VIGILANTe. \nWe wish to thank Cisco PSIRT Team for their fast answer to fix this\nproblem. \nCopyright VIGILANTe.com, Inc. 2003-07-28\n \nDisclaimer:\n**********\nThe information within this document may change without notice. Use of\nthis information constitutes acceptance for use in an AS IS condition. \nThere are NO warranties with regard to this information. In no event\nshall the author be liable for any consequences whatsoever arising out\nof or in connection with the use or spread of this information. Any use\nof this information lays within the user\u0027s responsibility. \n \nFeedback:\n********\nPlease send suggestions, updates, and comments to\nsecuritywatch@vigilante.com \n \n \n",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0512"
},
{
"db": "CERT/CC",
"id": "VU#886796"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000233"
},
{
"db": "BID",
"id": "8292"
},
{
"db": "VULHUB",
"id": "VHN-7340"
},
{
"db": "PACKETSTORM",
"id": "31464"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-7340",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7340"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#886796",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2003-0512",
"trust": 2.9
},
{
"db": "BID",
"id": "8292",
"trust": 1.2
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000233",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200308-156",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20030724 ENUMERATING LOCALLY DEFINED USERS IN CISCO IOS",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:5824",
"trust": 0.6
},
{
"db": "VULNWATCH",
"id": "20030728 CISCO AIRONET AP1100 VALID ACCOUNT DISCLOSURE VULNERABILITY",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "31464",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-7340",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#886796"
},
{
"db": "VULHUB",
"id": "VHN-7340"
},
{
"db": "BID",
"id": "8292"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000233"
},
{
"db": "PACKETSTORM",
"id": "31464"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-156"
},
{
"db": "NVD",
"id": "CVE-2003-0512"
}
]
},
"id": "VAR-200308-0077",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7340"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:27:20.448000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sn-20030724-ios-enum",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20030724-ios-enum.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000233"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7340"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000233"
},
{
"db": "NVD",
"id": "CVE-2003-0512"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.cisco.com/warp/public/707/cisco-sn-20030724-ios-enum.shtml"
},
{
"trust": 2.6,
"url": "http://www.vigilante.com/inetsecurity/advisories/vigilante-2003002.htm"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/886796"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0056.html"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5824"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/fsaaa/index.htm"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/pcgi-bin/support/bugtool/onebug.pl?bugid=cscdz29724"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/cc/pd/witc/ps4570/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0512"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0512"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/8292"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5824"
},
{
"trust": 0.3,
"url": "/archive/1/330686"
},
{
"trust": 0.1,
"url": "http://www.cisco.com/warp/public/cc/pd/witc/ps4570"
},
{
"trust": 0.1,
"url": "http://www.vigilante.com"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-can-2003-0512"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2003-0512"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/"
},
{
"trust": 0.1,
"url": "http://securescannx.vigilante.com/tc/15438."
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#886796"
},
{
"db": "VULHUB",
"id": "VHN-7340"
},
{
"db": "BID",
"id": "8292"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000233"
},
{
"db": "PACKETSTORM",
"id": "31464"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-156"
},
{
"db": "NVD",
"id": "CVE-2003-0512"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#886796"
},
{
"db": "VULHUB",
"id": "VHN-7340"
},
{
"db": "BID",
"id": "8292"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000233"
},
{
"db": "PACKETSTORM",
"id": "31464"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-156"
},
{
"db": "NVD",
"id": "CVE-2003-0512"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-07-28T00:00:00",
"db": "CERT/CC",
"id": "VU#886796"
},
{
"date": "2003-08-27T00:00:00",
"db": "VULHUB",
"id": "VHN-7340"
},
{
"date": "2003-07-28T00:00:00",
"db": "BID",
"id": "8292"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000233"
},
{
"date": "2003-07-29T17:47:52",
"db": "PACKETSTORM",
"id": "31464"
},
{
"date": "2003-07-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200308-156"
},
{
"date": "2003-08-27T04:00:00",
"db": "NVD",
"id": "CVE-2003-0512"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-07-29T00:00:00",
"db": "CERT/CC",
"id": "VU#886796"
},
{
"date": "2017-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-7340"
},
{
"date": "2009-07-11T22:56:00",
"db": "BID",
"id": "8292"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000233"
},
{
"date": "2009-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200308-156"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2003-0512"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "31464"
},
{
"db": "CNNVD",
"id": "CNNVD-200308-156"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Aironet AP1100 fails to provide universal login error messages thereby disclosing validity of user account",
"sources": [
{
"db": "CERT/CC",
"id": "VU#886796"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200308-156"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…