CVE-2002-0769
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/08/2002
Last modified:
03/04/2025
Description
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
Impact
Base Score 2.0
6.40
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:h:cisco:ata-186:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html
- http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml
- http://www.iss.net/security_center/static/9056.php
- http://www.iss.net/security_center/static/9057.php
- http://www.securityfocus.com/bid/4711
- http://www.securityfocus.com/bid/4712
- http://archives.neohapsis.com/archives/bugtraq/2002-05/0083.html
- http://www.cisco.com/warp/public/707/ata186-password-disclosure.shtml
- http://www.iss.net/security_center/static/9056.php
- http://www.iss.net/security_center/static/9057.php
- http://www.securityfocus.com/bid/4711
- http://www.securityfocus.com/bid/4712