← Back

CVE-2002-1654

nvd nist
Published: Dec 31, 2002Modified: Apr 16, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allows remote attackers to conduct HTTP Basic Authentication via the wp-force-auth Web Publisher command, which provides a distinct attack vector and may make it easier to conduct brute force password guessing without detection.

Affected (11)

Iplanet
1 product
Iplanet Web Server
Netscape
1 product
Enterprise Server
Configuration A
11 vulnerable
Vulnerable SoftwareAffected Versions
Iplanet
Iplanet Web Server
Version 6.0
Iplanet Web Server
Version enterprise_4.0
Iplanet Web Server
Version enterprise_4.1
Netscape
Enterprise Server
Version 2.0
Enterprise Server
Version 3.0
Enterprise Server
Version 3.1
Enterprise Server
Version 3.2
Enterprise Server
Version 3.3
Enterprise Server
Version 3.4
Enterprise Server
Version 3.5
Enterprise Server
Version 3.6

References (16)

Source: cve@mitre.org
ExploitPatch
Source: cve@mitre.org
ExploitPatch
Source: cve@mitre.org
PatchUS Government Resource
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
ExploitPatch
Source: cve@mitre.org
ExploitPatch
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatch
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatch
Source: af854a3a-2127-422b-91ae-364da2661108
PatchUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatch
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatch
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.