← Back

CVE-2003-0512

nvd nist
Published: Aug 27, 2003Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.

Affected (9)

Products: Cisco: Ios
Cisco
1 product
Ios
Configuration A
9 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Ios
Version 12.0(24.2)s
Ios
Version 12.0(24)s1
Ios
Version 12.2(11)ja1
Ios
Version 12.2(14.5)
Ios
Version 12.2(14.5)t
Ios
Version 12.2(15.1)s
Ios
Version 12.2(15)zn
Ios
Version 12.2(16.1)b
Ios
Version 12.2(16)b

Related CWEs

CWE-310
CWE-310

References (10)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
US Government Resource
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.