CVE-2002-1699

SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.osvdb.org/21558
http://www.securiteam.com/windowsntfocus/5BP031P75C.html
http://www.securityfocus.com/bid/4676	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/9015
http://www.osvdb.org/21558
http://www.securiteam.com/windowsntfocus/5BP031P75C.html
http://www.securityfocus.com/bid/4676	Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/9015

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:pascal_michaud:asp_client_check:1.3:::::::*
	cpe:2.3:a:pascal_michaud:asp_client_check:1.5:::::::*

History

20 Nov 2024, 23:41

Type	Values Removed	Values Added
References	~~() http://www.osvdb.org/21558 -~~	() http://www.osvdb.org/21558 -
References	~~() http://www.securiteam.com/windowsntfocus/5BP031P75C.html -~~	() http://www.securiteam.com/windowsntfocus/5BP031P75C.html -
References	~~() http://www.securityfocus.com/bid/4676 - Patch~~	() http://www.securityfocus.com/bid/4676 - Patch
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/9015 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/9015 -

Information

Published : 2002-12-31 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2002-1699

Mitre link : CVE-2002-1699

CVE.ORG link : CVE-2002-1699

JSON object : View

Products Affected

pascal_michaud

asp_client_check

CWE

NVD-CWE-Other

{"id": "CVE-2002-1699", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-12-31T05:00:00.000", "references": [{"url": "http://www.osvdb.org/21558", "source": "cve@mitre.org"}, {"url": "http://www.securiteam.com/windowsntfocus/5BP031P75C.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/4676", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9015", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/21558", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securiteam.com/windowsntfocus/5BP031P75C.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/4676", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9015", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pascal_michaud:asp_client_check:1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA744189-3E40-4FCB-B90E-6EED4EA46D38"}, {"criteria": "cpe:2.3:a:pascal_michaud:asp_client_check:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C6357C5-842F-42EE-9AB9-207F0A0212CE"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}