CVE-2000-0434

CVSS 2.0 Score 7.5 of 10 (high)

Details

Published May 13, 2000

Updated: Nov 20, 2024

Summary

CVE-2000-0434 is a vulnerability affecting the Allmanage web site administration software. It allows remote attackers to access the administrative password, which is stored in plaintext in a file. This password can be used to gain unauthorized access to the administration interface, potentially leading to data theft or system compromise. Attackers do not need any authentication or special privileges to exploit this vulnerability. Organizations using this software are advised to apply the available patch or update their passwords immediately to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/NWlbQL
https://www.cve.org/CVERecord?id=CVE-2000-0434
https://nvd.nist.gov/vuln/detail/CVE-2000-0434

Back to Vulnerability Database

CVE-2000-0434

CVSS 2.0 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations