Lucene search
HistoryJan 22, 2001 - 5:00 a.m.
CVE-2000-1024
ewave servletexec 3.0c
security vulnerability
remote attack
file upload
command execution
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.4 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.1%
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.
Affected configurations
Node
unifyewave_servletexecMatch3.0c
| CPE | Name | Operator | Version |
|---|---|---|---|
| unify:ewave_servletexec | unify ewave servletexec | eq | 3.0c |
Related
nvd
nvd
CVE-2000-1024
2000-12-11 05:00:00
openvas
openvas
Unify eWave ServletExec 3.0C file upload
2005-11-03 00:00:00
Unify eWave ServletExec 3.0C file upload
2005-11-03 00:00:00
cvelist
cvelist
CVE-2000-1024
2001-01-22 05:00:00
nessus
nessus
Unify eWave ServletExec 3.0C UploadServlet Unprivileged File Upload
2000-12-19 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.4 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.1%
Related for CVE-2000-1024