CVE-2003-1341

critical

Description

The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/11059

http://www.osvdb.org/6181

http://secunia.com/advisories/7881

http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353

http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0020.html

Details

Source: Mitre, NVD

Published: 2003-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.04143

Detections

Analytics