CVE: CVE-2004-1428

Export to Word

ArGoSoft FTP before 1.4.2.1 generates an error message if the user name does not exist instead of prompting for a password, which allows remote attackers to determine valid usernames.

Threat-Mapped Scoring

Score: 3.0

Priority: P2 - Serious (High)

S1 – Steal Customer Account Information

EPSS

Score: 0.01097
Percentile: 0.77037

CVSS Scoring

CVSS v2 Score: 5.0

Severity:

Mapped CWE(s)

CWE-203 : Observable Discrepancy

All CAPEC(s)

CAPEC-189: Black Box Reverse Engineering

CAPEC(s) with Mapped TTPs

Mapped ATT&CK TTPs

Affected Products

cpe:2.3:a:argosoft:ftp_server:*:*:*:*:*:*:*:*

← Back to Home