Lucene search

[email protected]CVE-2001-1107

HistoryMar 15, 2002 - 5:00 a.m.

CVE-2001-1107

2002-03-1505:00:00

[email protected]

web.nvd.nist.gov

snapstream pvs

plaintext passwords

remote attacks

gain privileges

nvd

server security

cve-2001-1107

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.027 Low

EPSS

Percentile

90.5%

JSON

SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD.ini, which could allow a remote attacker to gain privileges on the server.

Affected configurations

NVD

Node

snapstreampvsMatch1.2a

CPENameOperatorVersion
snapstream:pvssnapstream pvseq1.2a

CPE	Name	Operator	Version
snapstream:pvs	snapstream pvs	eq	1.2a

References

archives.neohapsis.com/archives/bugtraq/2001-07/0606.html

discuss.snapstream.com/ubb/Forum1/HTML/000216.html

www.securityfocus.com/bid/3101

exchange.xforce.ibmcloud.com/vulnerabilities/6917

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.027 Low

EPSS

Percentile

90.5%

JSON

Related for CVE-2001-1107

nvd1 cvelist1