CVE-2002-0480
First published: Tue Jun 11 2002(Updated: )
ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ISS RealSecure | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-0480?
CVE-2002-0480 is considered to have a high severity due to the potential for unauthorized access and manipulation of security settings.
How do I fix CVE-2002-0480?
To fix CVE-2002-0480, upgrade ISS RealSecure to the latest version where this vulnerability has been patched.
What systems are affected by CVE-2002-0480?
CVE-2002-0480 affects ISS RealSecure for Nokia devices running versions before IPSO build 6.0.2001.141d.
What are the potential impacts of CVE-2002-0480?
The potential impacts of CVE-2002-0480 include unauthorized key management and possible exploitation by remote attackers.
Is CVE-2002-0480 still a concern today?
While CVE-2002-0480 was reported over two decades ago, it remains a concern for any unpatched systems still in use.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/iss
- canonical/iss realsecure
- version/iss realsecure/6.0