Vulnerability Report

CVE-2003-0802

Title: Nokia NED directory listing and path disclosure

Information Disclosure

Proof Of Concept

PoC Available for CVE-2003-0802

CWE Category NVD-CWE-noinfo

Published Date Oct 06, 2003

Modified Date Apr 03, 2025

Exploit Status Available

Score 5.0 CVSS v2.0

Exploit Probability (EPSS)

2.27%

Vulnerability Summary

CVE-2003-0802: Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot).

Impacted Vendors

nokia 1

Reference Links

http://www.atstake.com/research/advisories/2003/a091503-1.txt http://www.atstake.com/research/advisories/2003/a091503-1.txt

CVSS v2.0

Source Entity [email protected]

Severity MEDIUM

5.0

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:P/I:N/A:N

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2003-0802 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/23147

View Code

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

October 06, 2003 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:P/I:N/A:N

Affected Stack

No specific products linked.