Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2001-0502
HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0502

2002-03-0905:00:00
mitre
web.nvd.nist.gov
32
cve-2001-0502
windows 2000
ldap server
ssl
user permissions
local users
password modification.

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

0

Percentile

12.7%

JSON

Running Windows 2000 LDAP Server over SSL, a function does not properly check the permissions of a user request when the directory principal is a domain user and the data attribute is the domain password, which allows local users to modify the login password of other users.

Affected configurations

Nvd
Node
microsoftwindows_2000
VendorProductVersionCPE
microsoftwindows_2000*cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*

Related

nessus 1
cvelist 1
nvd 1
nessus
nessus
MS01-011 / MS01-036: LDAP over SSL Arbitrary User Password Modification (287397 / 299687)
2001-02-21 00:00:00
cvelist
cvelist
CVE-2001-0502
2002-03-09 05:00:00
nvd
nvd
CVE-2001-0502
2001-07-21 04:00:00

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.4

Confidence

High

EPSS

0

Percentile

12.7%

JSON
Related for CVE-2001-0502
nessus1cvelist1nvd1