Lucene search

K
cveMitreCVE-2002-0095
HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0095

2003-04-0205:00:00
mitre
web.nvd.nist.gov
28
cve-2002-0095
bscw
default configuration
self registration
unauthorised access
file upload
nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.02

Percentile

88.9%

The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a user community that was intended to be closed.

Affected configurations

Nvd
Node
fraunhofer_fitbscwMatch3.4
OR
fraunhofer_fitbscwMatch4.0
OR
fraunhofer_fitbscwMatch4.0.6
VendorProductVersionCPE
fraunhofer_fitbscw3.4cpe:2.3:a:fraunhofer_fit:bscw:3.4:*:*:*:*:*:*:*
fraunhofer_fitbscw4.0cpe:2.3:a:fraunhofer_fit:bscw:4.0:*:*:*:*:*:*:*
fraunhofer_fitbscw4.0.6cpe:2.3:a:fraunhofer_fit:bscw:4.0.6:*:*:*:*:*:*:*

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.02

Percentile

88.9%

Related for CVE-2002-0095