Lucene search

[email protected]CVE-2001-0968

HistoryAug 31, 2001 - 4:00 a.m.

CVE-2001-0968

2001-08-3104:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

knox arkeia

server 4.2

root user

null password

unauthorized access

cve-2001-0968.

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.4%

JSON

Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges.

CPENameOperatorVersion
knox_software:arkeiaknox software arkeiaeq4.2
knox_software:arkeiaknox software arkeiaeq4.2.8.2

CPE	Name	Operator	Version
knox_software:arkeia	knox software arkeia	eq	4.2
knox_software:arkeia	knox software arkeia	eq	4.2.8.2

References

archives.neohapsis.com/archives/bugtraq/2001-08/0228.html

www.securityfocus.com/bid/3203

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.4%

JSON