CVE Vulnerabilities

CVE-2002-0236

Published: May 29, 2002 | Modified: Oct 18, 2016
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Lucent VitalSuite 8.0 through 8.2, including VitalNet, VitalEvent, and VitalHelp/VitalAnalysis, allows remote attackers to bypass authentication via a direct HTTP request to the VsSetCookie.exe program, which returns a valid cookie for the desired user.

Affected Software

Name Vendor Start Version End Version
Vitalanalysis Lucent 8.0 8.0
Vitalanalysis Lucent 8.1 8.1
Vitalanalysis Lucent 8.2 8.2
Vitalevent Lucent 8.0 8.0
Vitalevent Lucent 8.1 8.1
Vitalevent Lucent 8.2 8.2
Vitalhelp Lucent 8.0 8.0
Vitalhelp Lucent 8.1 8.1
Vitalhelp Lucent 8.2 8.2
Vitalnet Lucent 8.0 8.0
Vitalnet Lucent 8.1 8.1
Vitalnet Lucent 8.2 8.2
Vitalsuite Lucent 8.0 8.0
Vitalsuite Lucent 8.1 8.1
Vitalsuite Lucent 8.2 8.2

References