Lucene search

[email protected]CVE-2001-0521

HistoryAug 14, 2001 - 4:00 a.m.

CVE-2001-0521

2001-08-1404:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0521

aladdin esafe gateway

version 3.0

security vulnerability

html script filtering

unicode encoding.

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.6%

JSON

Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document.

Affected configurations

NVD

Node

aladdin_knowledge_systemsesafe_gatewayMatch3.0

CPENameOperatorVersion
aladdin_knowledge_systems:esafe_gatewayaladdin knowledge systems esafe gatewayeq3.0

CPE	Name	Operator	Version
aladdin_knowledge_systems:esafe_gateway	aladdin knowledge systems esafe gateway	eq	3.0

References

archives.neohapsis.com/archives/bugtraq/2001-05/0285.html

exchange.xforce.ibmcloud.com/vulnerabilities/6580

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.6%

JSON

Related for CVE-2001-0521

cvelist1 nvd1