ID CVE-2001-1260Type cveReporter cve@mitre.orgModified 2008-09-05T20:26:00
Description
Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot.
{"id": "CVE-2001-1260", "bulletinFamily": "NVD", "title": "CVE-2001-1260", "description": "Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot.", "published": "2001-08-07T04:00:00", "modified": "2008-09-05T20:26:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1260", "reporter": "cve@mitre.org", "references": ["http://www.iss.net/security_center/static/6954.php", "http://online.securityfocus.com/archive/1/202344"], "cvelist": ["CVE-2001-1260"], "type": "cve", "lastseen": "2020-10-03T11:36:58", "edition": 3, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:14255"]}], "modified": "2020-10-03T11:36:58", "rev": 2}, "score": {"value": 7.5, "vector": "NONE", "modified": "2020-10-03T11:36:58", "rev": 2}, "wild_exploited": {"wildExploited": false, "wildExploitedSources": [], "modified": "2020-10-03T11:36:58"}, "vulnersScore": 7.5}, "cpe": ["cpe:/a:avaya:argent_office:*"], "affectedSoftware": [{"cpeName": "avaya:argent_office", "name": "avaya argent office", "operator": "eq", "version": "*"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:avaya:argent_office:*:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:avaya:argent_office:*:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}}
{"osvdb": [{"lastseen": "2017-04-28T13:20:10", "bulletinFamily": "software", "cvelist": ["CVE-2001-1260"], "edition": 1, "description": "# No description provided by the source\n\n## References:\n[Related OSVDB ID: 14256](https://vulners.com/osvdb/OSVDB:14256)\n[Related OSVDB ID: 14254](https://vulners.com/osvdb/OSVDB:14254)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-08/0088.html\nISS X-Force ID: 6954\n[CVE-2001-1260](https://vulners.com/cve/CVE-2001-1260)\nCERT VU: 742115\nBugtraq ID: 8975\n", "modified": "2001-08-07T00:00:00", "published": "2001-08-07T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:14255", "id": "OSVDB:14255", "type": "osvdb", "title": "Avaya Argent Office Weak Password Encryption", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
