Vulnerability Description
The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red-M | 1050Ap Lan Acess Point | All versions |
References
- http://www.atstake.com/research/advisories/2002/a060502-1.txtExploitPatchVendor Advisory
- http://www.securityfocus.com/bid/4940
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9265
- http://www.atstake.com/research/advisories/2002/a060502-1.txtExploitPatchVendor Advisory
- http://www.securityfocus.com/bid/4940
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9265
FAQ
What is CVE-2002-0396?
CVE-2002-0396 is a vulnerability with a CVSS score of 7.5 (HIGH). The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address...
How severe is CVE-2002-0396?
CVE-2002-0396 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0396?
Check the references section above for vendor advisories and patch information. Affected products include: Red-M 1050Ap Lan Acess Point.