Lucene search

[email protected]CVE-2001-0444

HistoryJul 02, 2001 - 4:00 a.m.

CVE-2001-0444

2001-07-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cisco cbos

information leak

sensitive information

terminal

telnet

nvd

cve-2001-0444

7.1 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

27.8%

JSON

Cisco CBOS 2.3.0.053 sends output of the “sh nat” (aka “show nat”) command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information.

CPENameOperatorVersion
cisco:cboscisco cboseq2.4.1
cisco:cboscisco cboseq2.3.053

CPE	Name	Operator	Version
cisco:cbos	cisco cbos	eq	2.4.1
cisco:cbos	cisco cbos	eq	2.3.053

References

archives.neohapsis.com/archives/bugtraq/2001-04/0380.html

www.osvdb.org/1796

www.securityfocus.com/bid/2635

exchange.xforce.ibmcloud.com/vulnerabilities/6453

7.1 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

27.8%

JSON