5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
60.4%
FileMaker may expose data inadvertently.
FileMaker Web Companion prior to version 5.0v4 permits unauthorized access to data even if the database manager believes that data is protected by Field Level Security.
Attackers can read information, including items such as passwords, stored in databases thought to be protected.
Upgrade to 5.0v4 or later as described in <http://www.filemaker.com/support/webcompanion_archive.html#may9>.
33433
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Notified: May 01, 2000 Updated: December 14, 2000
Affected
Information from FileMaker can be found at <http://www.filemaker.com/support/webcompanion_archive.html#may9>
The vendor has not provided us with any further information regarding this vulnerability.
CERT/CC has not additional information at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%2333433 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
Our thanks to Erik C. Thauvin, of Blue World Communications, Inc., who reported this problem to us.
This document was written by Shawn V Hernan.
CVE IDs: | CVE-2000-0385 |
---|---|
Severity Metric: | 12.00 Date Public: |