Unrated severityNVD Advisory· Published Jan 27, 2005· Updated Jun 16, 2026
CVE-2004-0917
CVE-2004-0917
Description
The default installation of Vignette Application Portal installs the diagnostic utility without authentication requirements, which allows remote attackers to gain sensitive information, such as server and OS version, and conduct unauthorized activities via an HTTP request to /diag.
Affected products
2cpe:2.3:a:vignette:application_portal:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:vignette:application_portal:*:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
4- www.atstake.com/research/advisories/2004/a092804-1.txtnvdExploitVendor Advisory
- www.securityfocus.com/bid/11267nvdVendor Advisory
- securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/17530nvd
News mentions
0No linked articles in our index yet.