Vulnerabilities > CVE-2005-4029 - Remote Security vulnerability in WebEOC

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

esi-products

NVD

Published: 2005-12-05

Updated: 2008-09-05

Summary

WebEOC before 6.0.2 allows remote attackers to obtain valid usernames via the HTML source of the WebEOC login webpage, which could be useful in other attacks such as locking out valid users via brute force methods.

Vulnerable Configurations

Part	Description	Count
Application	Esi_Products ESI Products Webeoc *	1

References

http://www.kb.cert.org/vuls/id/170394