Vulnerabilities > CVE-2003-0974 - Authentication Bypass vulnerability in Applied Watch Technologies Applied Watch Command Center 1.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
applied-watch-technologies
exploit available
NVD
Published: 2003-12-15
Updated: 2016-10-18

Summary

Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c.

Vulnerable Configurations

Part Description Count
Application
Applied_Watch_Technologies
1

Exploit-Db

  • descriptionApplied Watch Command Center 1.0 Authentication Bypass Vulnerability (2). CVE-2003-0974. Remote exploits for multiple platform
    idEDB-ID:23405
    last seen2016-02-02
    modified2003-11-28
    published2003-11-28
    reporterBugtraq Security
    sourcehttps://www.exploit-db.com/download/23405/
    titleApplied Watch Command Center 1.0 - Authentication Bypass Vulnerability 2
  • descriptionApplied Watch Command Center 1.0 Authentication Bypass Vulnerability (1). CVE-2003-0974. Remote exploits for multiple platform
    idEDB-ID:23404
    last seen2016-02-02
    modified2003-11-28
    published2003-11-28
    reporterBugtraq Security
    sourcehttps://www.exploit-db.com/download/23404/
    titleApplied Watch Command Center 1.0 - Authentication Bypass Vulnerability 1

References