CVE Vulnerabilities

CVE-2002-0736

Published: Aug 12, 2002 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.

Affected Software

Name Vendor Start Version End Version
Backoffice Microsoft 4.0 (including) 4.0 (including)
Backoffice Microsoft 4.5 (including) 4.5 (including)

References