CVE-2002-0236
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
29/05/2002
Last modified:
03/04/2025
Description
Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe program, which returns a valid cookie for the desired user.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:lucent:vitalanalysis:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalanalysis:8.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalanalysis:8.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalevent:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalevent:8.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalevent:8.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalhelp:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalhelp:8.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalhelp:8.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalnet:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalnet:8.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalnet:8.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalsuite:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalsuite:8.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:lucent:vitalsuite:8.2:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page