CVE-2000-1173

Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information.

Published: Jan 9, 2001
Updated: Apr 13, 2023
CVE: CVE-2000-1173
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsys / cyberpatrol	4.04.003	4.04.003.x
microsys / cyberpatrol	4.04.005	4.04.005.x

http://archives.neohapsis.com/archives/bugtraq/2000-11/0323.html
http://www.securityfocus.com/bid/1977

Vulnerability Database

290,206

CVE-2000-1173