What is the severity of CVE-2003-1454?

CVE-2003-1454 is classified as a medium severity vulnerability due to the exposure of administrator passwords in plaintext.

How do I fix CVE-2003-1454?

To fix CVE-2003-1454, upgrade to a newer version of Invision Board that does not store passwords in plaintext.

Which versions of Invision Board are affected by CVE-2003-1454?

CVE-2003-1454 affects Invision Board version 1.0 through 1.1.1.

What are the risks associated with CVE-2003-1454?

The main risk associated with CVE-2003-1454 is unauthorized access to the forum due to leaked administrator passwords.

Can CVE-2003-1454 be exploited remotely?

Yes, CVE-2003-1454 can be exploited remotely by attackers who can access the stored cookies.

Vulnerability/
CVE-2003-1454

medium

CWE

NVD-CWE-Other

31/12/2003

23/10/2007

8/8/2024

CVE-2003-1454

First published: Wed Dec 31 2003(Updated: )

Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Linux kernel
Microsoft Windows
Unix Unix
Invisioncommunity Invision Power Board	=1.0
Invisioncommunity Invision Power Board	=1.0.1
Invisioncommunity Invision Power Board	=1.1.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2003-1454?
CVE-2003-1454 is classified as a medium severity vulnerability due to the exposure of administrator passwords in plaintext.
How do I fix CVE-2003-1454?
To fix CVE-2003-1454, upgrade to a newer version of Invision Board that does not store passwords in plaintext.
Which versions of Invision Board are affected by CVE-2003-1454?
CVE-2003-1454 affects Invision Board version 1.0 through 1.1.1.
What are the risks associated with CVE-2003-1454?
The main risk associated with CVE-2003-1454 is unauthorized access to the forum due to leaked administrator passwords.
Can CVE-2003-1454 be exploited remotely?
Yes, CVE-2003-1454 can be exploited remotely by attackers who can access the stored cookies.

collector/nvd-historical
agent/references
agent/type
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/last-modified-date
agent/description
agent/author
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/linux
canonical/linux kernel
vendor/microsoft
canonical/microsoft windows
vendor/unix
canonical/unix unix
vendor/invision power services
canonical/invisioncommunity invision power board
version/invisioncommunity invision power board/1.0
version/invisioncommunity invision power board/1.0.1
version/invisioncommunity invision power board/1.1.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.