CVE-2000-0894 : HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as passwo

HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service or conduct unauthorized activities.

Published 2001-02-12 05:00:00

Updated 2017-10-10 01:29:22

Source MITRE

View at NVD, CVE.org

Vulnerability category: Denial of service

Exploit prediction scoring system (EPSS) score for CVE-2000-0894

Probability of exploitation activity in the next 30 days: 0.52%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 74 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2000-0894

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2000-0894

http://xforce.iss.net/alerts/advise70.php

Patch;Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/2119

Exploit;Patch;Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5554

Products affected by CVE-2000-0894

Watchguard » Soho Firewall » Version: 1.6
cpe:2.3:h:watchguard:soho_firewall:1.6:*:*:*:*:*:*:*
Matching versions
Watchguard » Soho Firewall » Version: 2.1.3
cpe:2.3:h:watchguard:soho_firewall:2.1.3:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2000-0894

Exploit prediction scoring system (EPSS) score for CVE-2000-0894

CVSS scores for CVE-2000-0894

References for CVE-2000-0894

Products affected by CVE-2000-0894