Lucene search

[email protected]CVE-2001-0586

HistoryMar 09, 2002 - 5:00 a.m.

CVE-2001-0586

2002-03-0905:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0586

trendmicro scanmail

exchange 3.5

local attack

unprotected registry

weak encryption.

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacker to recover the administrative credentials for ScanMail via a combination of unprotected registry keys and weakly encrypted passwords.

Affected configurations

NVD

Node

trend_microscanmail_exchangeMatch3.5

CPENameOperatorVersion
trend_micro:scanmail_exchangetrend micro scanmail exchangeeq3.5

CPE	Name	Operator	Version
trend_micro:scanmail_exchange	trend micro scanmail exchange	eq	3.5

References

archives.neohapsis.com/archives/ntbugtraq/2001-q1/0049.html

www.osvdb.org/5581

exchange.xforce.ibmcloud.com/vulnerabilities/6311

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2001-0586

nvd1 cvelist1