CVE-2003-1433

Epic Games Unreal Engine - Authentication Bypass

Title source: rule

Description

Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times.

References (5)

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2003-02/0063.html

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2003-02/0142.html

[Various Sources] http://www.pivx.com/luigi/adv/ueng-adv.txt

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/11304

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/6771

Scores

EPSS 0.0062

EPSS Percentile 69.8%

Classification

CWE

CWE-287

Status draft

Affected Products (3)

epic_games/unreal_engine

Timeline

Published Dec 31, 2003

Tracked Since Feb 18, 2026