Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-2425

CWE-2644 documents4 sources
Severity
10.0CRITICAL
EPSS
4.5%
top 10.82%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
SUN Solaris Answerbook2
Timeline
PublishedDec 31
Latest updateApr 30

Description

Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDsun/solaris_answerbook25 versions+4

Patches

Patch: www.iss.netPatch: www.iss.net

🔴Vulnerability Details

2
GHSA
GHSA-p5xv-8rq2-6rw3: Sun AnswerBook2 12022-04-30
CVEList
CVE-2002-2425: Sun AnswerBook2 12007-11-01

💥Exploits & PoCs

1
Exploit-DB
Sun AnswerBook2 1.x - Unauthorized Administrative Script Access2002-08-02
CVE-2002-2425 (CRITICAL CVSS 10) | Sun AnswerBook2 1.2 through 1.4.2 a | cvebase.io