CVE-2003-1363 - OpenCVE

The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Aprelium Technologies	Abyss Web Server

Configuration 1 [-]

cpe:2.3:a:aprelium_technologies:abyss_web_server:*:*:*:*:*:*:*:*

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2003-02/0149.html
http://www.iss.net/security_center/static/11310.php
http://www.securityfocus.com/bid/6842

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:15:42

Updated: 2022-10-03T16:15:42

Reserved: 2022-10-03T00:00:00

Link: CVE-2003-1363

JSON object: View

NVD Information

Status : Analyzed

Published: 2003-12-31T05:00:00.000

Modified: 2008-09-05T20:36:44.477

Link: CVE-2003-1363

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-10-03T16:15:42", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "abyss-web-admin-bruteforce(11310)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/11310.php"}, {"name": "20030212 Abyss WebServer Brute Force Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0149.html"}, {"name": "6842", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/6842"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-1363", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "abyss-web-admin-bruteforce(11310)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/11310.php"}, {"name": "20030212 Abyss WebServer Brute Force Vulnerability", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0149.html"}, {"name": "6842", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6842"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-1363", "datePublished": "2022-10-03T16:15:42", "dateReserved": "2022-10-03T00:00:00", "dateUpdated": "2022-10-03T16:15:42", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}