Lucene search

K
cve[email protected]CVE-2001-1406
HistorySep 10, 2001 - 4:00 a.m.

CVE-2001-1406

2001-09-1004:00:00
NVD-CWE-Other
web.nvd.nist.gov
23
cve-2001-1406
bugzilla
process_bug.cgi
groupset
product groups
restrictions
nvd

7.2 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

17.7%

process_bug.cgi in Bugzilla before 2.14 does not set the “groupset” bit when a bug is moved between product groups, which will cause the bug to have the old group’s restrictions, which might not be as stringent.

7.2 High

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

17.7%