Lucene search

[email protected]CVE-2001-0020

HistorySep 18, 2001 - 4:00 a.m.

CVE-2001-0020

2001-09-1804:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0020

arrowpoint

vulnerability

directory traversal

local users

dot dot attack.

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.0%

JSON

Directory traversal vulnerability in Arrowpoint (aka Cisco Content Services, or CSS) allows local unprivileged users to read arbitrary files via a … (dot dot) attack.

Affected configurations

NVD

Node

ciscoarrowpoint

ciscocontent_services_switch

CPENameOperatorVersion
cisco:arrowpointcisco arrowpointeq*
cisco:content_services_switchcisco content services switcheq*

CPE	Name	Operator	Version
cisco:arrowpoint	cisco arrowpoint	eq	*
cisco:content_services_switch	cisco content services switch	eq	*

References

www.atstake.com/research/advisories/2001/a013101-1.txt

www.cisco.com/warp/public/707/arrowpoint-cli-filesystem-pub.shtml

www.osvdb.org/1757

www.securityfocus.com/bid/2331

exchange.xforce.ibmcloud.com/vulnerabilities/6031

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

20.0%

JSON

Related for CVE-2001-0020

cvelist1 nvd1