CVE-2001-1425
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/04/2001
Last modified:
03/04/2025
Description
The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:h:alcatel:speed_touch_home:khdsaa.108:*:*:*:*:*:*:* | ||
| cpe:2.3:h:alcatel:speed_touch_home:khdsaa.132:*:*:*:*:*:*:* | ||
| cpe:2.3:h:alcatel:speed_touch_home:khdsaa.133:*:*:*:*:*:*:* | ||
| cpe:2.3:h:alcatel:speed_touch_home:khdsaa.134:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html
- http://www.cert.org/advisories/CA-2001-08.html
- http://www.kb.cert.org/vuls/id/243592
- http://www.securityfocus.com/archive/1/175229
- http://www.securityfocus.com/bid/2568
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6354
- http://security.sdsc.edu/self-help/alcatel/alcatel-bugs.html
- http://www.cert.org/advisories/CA-2001-08.html
- http://www.kb.cert.org/vuls/id/243592
- http://www.securityfocus.com/archive/1/175229
- http://www.securityfocus.com/bid/2568
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6354