Unrated severityNVD Advisory· Published Jan 27, 2005· Updated Apr 16, 2026

CVE-2004-0917

Description

The default installation of Vignette Application Portal installs the diagnostic utility without authentication requirements, which allows remote attackers to gain sensitive information, such as server and OS version, and conduct unauthorized activities via an HTTP request to /diag.

Affected products

Vignette/Application Portal
cpe:2.3:a:vignette:application_portal:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.atstake.com/research/advisories/2004/a092804-1.txtnvdExploitVendor Advisory
www.securityfocus.com/bid/11267nvdVendor Advisory
securitytracker.com/idnvd
exchange.xforce.ibmcloud.com/vulnerabilities/17530nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000