Vulnerability Description
The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oblix | Netpoint | 5.2 |
References
- http://www.iss.net/security_center/static/8461.phpPatchVendor Advisory
- http://www.securityfocus.com/archive/1/262066Vendor Advisory
- http://www.securityfocus.com/bid/4288ExploitPatchVendor Advisory
- http://www.iss.net/security_center/static/8461.phpPatchVendor Advisory
- http://www.securityfocus.com/archive/1/262066Vendor Advisory
- http://www.securityfocus.com/bid/4288ExploitPatchVendor Advisory
FAQ
What is CVE-2002-0453?
CVE-2002-0453 is a vulnerability with a CVSS score of 7.5 (HIGH). The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password ...
How severe is CVE-2002-0453?
CVE-2002-0453 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0453?
Check the references section above for vendor advisories and patch information. Affected products include: Oblix Netpoint.