Lucene search

[email protected]CVE-2002-0697

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0697

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

microsoft

metadirectory services

mms

authentication bypass

ldap

security vulnerability

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.5%

JSON

Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials.

Affected configurations

NVD

Node

microsoftmetadirectory_servicesMatch2.2

CPENameOperatorVersion
microsoft:metadirectory_servicesmicrosoft metadirectory serviceseq2.2

CPE	Name	Operator	Version
microsoft:metadirectory_services	microsoft metadirectory services	eq	2.2

References

www.iss.net/security_center/static/9657.php

www.securityfocus.com/bid/5308

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-036

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.011 Low

EPSS

Percentile

84.5%

JSON

Related for CVE-2002-0697

nvd1 cvelist1