Vulnerabilities > CVE-2002-0736 - Authentication Bypass vulnerability in Microsoft BackOffice Server Web Administration
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |