CVE-2003-0974

Applied Watch Command Center - CSRF

Title source: llm

Description

Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Bugtraq Security · cremotemultiple

https://www.exploit-db.com/exploits/23405

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Bugtraq Security · cremotemultiple

https://www.exploit-db.com/exploits/23404

View Code ZIP pw:eip

References (5)

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/9124

[Various Sources] http://www.bugtraq.org/advisories/_BSSADV-0000.txt

[Mailing List] http://marc.info/?l=bugtraq&m=107004362416252&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=107005523025918&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=107031196324376&w=2

Scores

EPSS 0.1967

EPSS Percentile 95.4%

Details

Status published

Products (1)

applied_watch_technologies/applied_watch_command_center 1.0

Published Dec 15, 2003

Tracked Since Feb 18, 2026