CVE-2000-0448 — Associates Webshield vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.6%

top 29.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Network Associates Webshield

Timeline

PublishedMay 1

Latest updateApr 30

Description

The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDnetwork_associates/webshield4.5.44

🔴Vulnerability Details

GHSA

GHSA-g58c-99hx-fmc6: The WebShield SMTP Management Tool version 4↗2022-04-30

▶

CVEList

CVE-2000-0448: The WebShield SMTP Management Tool version 4↗2000-10-13

▶