HTTP: Best Software SalesLogix Authentication Bypass
This signature detects attempts to exploit a known flaw against Best Software SalesLogix application. A successful attack can lead to bypass the authentication mechanism and gain access to the affected application as an administrative user.
Extended Description
Best Software SalesLogix is affected by multiple vulnerabilities. These issues are due to design errors that reveal sensitive information, access control validation issues that allow unauthorized access and input validation issues facilitating SQL injection attacks. An attacker may leverage these issues to manipulate and disclose database contents through SQL injection attacks, steal authentication credentials due to information disclosure vulnerabilities and bypass authentication to gain administrator access to the server.
Affected Products
Best_software saleslogix
Short Name
HTTP:PKG:SALESLOGIX-AUTH-BYPASS
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Authentication Best Bypass CVE-2004-1605 SalesLogix Software bid:11450
Release Date
05/07/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Saleslogix_corporation
Best_software
CVSS Score
7.5