CVE-2002-0236

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
29/05/2002
Last modified:
03/04/2025

Description

Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe program, which returns a valid cookie for the desired user.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:lucent:vitalanalysis:8.0:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalanalysis:8.1:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalanalysis:8.2:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalevent:8.0:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalevent:8.1:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalevent:8.2:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalhelp:8.0:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalhelp:8.1:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalhelp:8.2:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalnet:8.0:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalnet:8.1:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalnet:8.2:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalsuite:8.0:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalsuite:8.1:*:*:*:*:*:*:*
cpe:2.3:a:lucent:vitalsuite:8.2:*:*:*:*:*:*:*