CVE-2000-1173 — MEDIUM (5.0)

Vulnerability Description

Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Microsys	Cyberpatrol	4.04.003

References

http://archives.neohapsis.com/archives/bugtraq/2000-11/0323.htmlExploitVendor Advisory
http://www.securityfocus.com/bid/1977ExploitVendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2000-11/0323.htmlExploitVendor Advisory
http://www.securityfocus.com/bid/1977ExploitVendor Advisory

FAQ

What is CVE-2000-1173?

CVE-2000-1173 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sni...

How severe is CVE-2000-1173?

CVE-2000-1173 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2000-1173?

Check the references section above for vendor advisories and patch information. Affected products include: Microsys Cyberpatrol.