Lucene search

[email protected]CVE-2001-1223

HistoryMar 15, 2002 - 5:00 a.m.

CVE-2001-1223

2002-03-1505:00:00

[email protected]

web.nvd.nist.gov

cve-2001-1223

elsa lancom 1100 office

no authentication

web administration server

remote access

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.1%

JSON

The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server.

Affected configurations

NVD

Node

elsalancom_1100_officeMatch0.0

CPENameOperatorVersion
elsa:lancom_1100_officeelsa lancom 1100 officeeq0.0

CPE	Name	Operator	Version
elsa:lancom_1100_office	elsa lancom 1100 office	eq	0.0

References

www.iss.net/security_center/static/7739.php

www.securityfocus.com/archive/1/247274

www.securityfocus.com/bid/3746

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.1%

JSON

Related for CVE-2001-1223

nvd1 cvelist1