CVE-2003-0803

Nokia Electronic Documentation 5.0 - Connection redirection

Severity Score

7.5

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.

Nokia Electronics Documentation (NED) 5.0 permite a atacantes remotos usar NED como un proxy HTTP abierto mediante una URL en el parámetro de localización, al que NED accede y devuelve al usuario.

*Credits: N/A

CVSS Scores

NISTv2 7.5

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2003-09-15 First Exploit
2003-09-17 CVE Reserved
2003-09-18 CVE Published
2024-09-17 CVE Updated
2024-09-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (2)

URL	Tag	Source

URL	Date	SRC
https://www.exploit-db.com/exploits/23148	2003-09-15
http://www.atstake.com/research/advisories/2003/a091503-1.txt	2024-09-17

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Nokia Search vendor "Nokia"		Electronic Documentation Search vendor "Nokia" for product "Electronic Documentation"				5.0 Search vendor "Nokia" for product "Electronic Documentation" and version "5.0"		-		Affected