What is CVE-2003-0174?

CVE-2003-0174 is a critical-severity vulnerability in Sgi Irix, classified under Origin Validation Error. CVSS score: 9.8/10. Published 2003-05-12.

How severe is CVE-2003-0174?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Sgi Irix

CVE-2003-0174

The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.

EPSS: 0.010 (57.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Sgi Irix
N/a — versions n/a

Weakness classification (CWE)

CWE-346 — Origin Validation Error

References

cve@mitre.org (Patch, VDB Entry, Third Party Advisory, vdb-entry, Broken Link, x_refsource_BID, Vendor Advisory)
cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_XF)
cve@mitre.org (government-resource, Broken Link, x_refsource_CIAC, third-party-advisory)

Frequently asked questions

What is CVE-2003-0174?: CVE-2003-0174 is a critical-severity vulnerability in Sgi Irix, classified under Origin Validation Error. CVSS score: 9.8/10. Published 2003-05-12.
How severe is CVE-2003-0174?: Critical severity. CVSS v3 base score is 9.8 out of 10.