CVE-2002-0736

critical Microsoft
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
17.5%
Exploitation probability in 30 days
Top 5% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: August 12, 2002 (8676 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.

CWE

NVD-CWE-Other

Affected Products

microsoft backoffice

References

🔗 archives.neohapsis.com 🔗 support.microsoft.com 🔗 www.iss.net 🔗 www.securityfocus.com 🔗 archives.neohapsis.com