CVE Vulnerabilities

CVE-2003-1343

Improper Authentication

Published: Dec 31, 2003 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly 3560121183d3.

Weakness

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Scanmail Trend_micro * 3.8
Scanmail Trend_micro * 6.0

Potential Mitigations

References