Lucene search

[email protected]CVE-2000-0117

HistoryJan 30, 2000 - 5:00 a.m.

CVE-2000-0117

2000-01-3005:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

cobalt raq2

siteusermod.cgi

password modification

security vulnerability

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.2%

JSON

The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root).

CPENameOperatorVersion
sun:cobalt_raq_3isun cobalt raq 3ieq*
sun:cobalt_raq_2sun cobalt raq 2eq*
sun:cobalt_raqsun cobalt raqeq1.0

CPE	Name	Operator	Version
sun:cobalt_raq_3i	sun cobalt raq 3i	eq	*
sun:cobalt_raq_2	sun cobalt raq 2	eq	*
sun:cobalt_raq	sun cobalt raq	eq	1.0

References

www.securityfocus.com/bid/951

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.2%

JSON

Related for CVE-2000-0117

nessus1