Lucene search

[email protected]CVE-2001-1343

HistoryJun 12, 2001 - 4:00 a.m.

CVE-2001-1343

2001-06-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-1343

webstore 400/400cs

ws_mail.cgi

remote execution

code vulnerability

auth admin

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.03 Low

EPSS

Percentile

90.7%

JSON

ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter.

CPENameOperatorVersion
cgicentral:webstore_400cscgicentral webstore 400cseq4.14
cgicentral:webstore_400cgicentral webstore 400eq4.14

CPE	Name	Operator	Version
cgicentral:webstore_400cs	cgicentral webstore 400cs	eq	4.14
cgicentral:webstore_400	cgicentral webstore 400	eq	4.14

References

archives.neohapsis.com/archives/bugtraq/2001-06/0142.html

www.securityfocus.com/bid/2861

exchange.xforce.ibmcloud.com/vulnerabilities/6685

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.03 Low

EPSS

Percentile

90.7%

JSON

Related for CVE-2001-1343

openvas1 nessus1