CVE-2004-0243: Observable Discrepancy in IBM AIX

Severity: 5.0 MEDIUM (NVD)
EPSS: 1.1% (top 22.05%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Nov 23
Latest update: Apr 29

Description

AIX 4.3.3 through AIX 5.1, when direct remote login is disabled, displays a different message if the password is correct, which allows remote attackers to guess the password via brute force methods.

CVSS vector

AV:N/AC:L/C:P/I:N/A:N
Exploitability: 10.0 | Impact: 2.9

Affected Packages (1 package)

NVD: ibm/aix, 4.3.3 through 5.1

🔴 Vulnerability Details (2)

GHSA: GHSA-f7hc-7g36-w53c: AIX 4 (2022-04-29)
CVEList: CVE-2004-0243: AIX 4 (2004-03-18)

📐 Framework References (2)

CWE: Observable Discrepancy
CWE: Observable Response Discrepancy