← CVECheck
HomeVulnerabilities

CVE-2003-0512 — MEDIUM severity vulnerability (Cisco IOS 12.2 and earlier generates a "% Login invalid" mes)

Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.

CVE IDCVE-2003-0512
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWECWE-310
StatusModified
Published2003-08-27
Last modified2026-04-16
DescriptionCisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →