Lucene search

[email protected]CVE-2001-0415

HistoryJun 27, 2001 - 4:00 a.m.

CVE-2001-0415

2001-06-2704:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-0415

rediplus

password security

cleartext

local access

usernames

nvd

7.3 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON

REDIPlus program, REDI.exe, stores passwords and user names in cleartext in the StartLog.txt log file, which allows local users to gain access to other accounts.

CPENameOperatorVersion
redi:rediplusredi redipluseq1.0

CPE	Name	Operator	Version
redi:rediplus	redi rediplus	eq	1.0

References

archives.neohapsis.com/archives/bugtraq/2001-03/0275.html

www.securityfocus.com/bid/2495

exchange.xforce.ibmcloud.com/vulnerabilities/6276

7.3 High

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.3%

JSON