Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-1480Improper Control of Interaction Frequency in Mysql

CWE-3103 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
27.0%
top 3.61%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
MysqlOracle Mysql
Timeline
PublishedDec 31
Latest updateApr 29

Description

MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDmysql/mysql4.1.0
NVDoracle/mysql64 versions+63

🔴Vulnerability Details

1
GHSA
GHSA-h8m2-gw8r-5752: MySQL 32022-04-29

💥Exploits & PoCs

1
Exploit-DB
MySQL 3.x/4.0.x - Weak Password Encryption2003-05-05
CVE-2003-1480 — Mysql vulnerability | cvebase