Lucene search

[email protected]CVE-2002-0712

HistoryFeb 03, 2004 - 5:00 a.m.

CVE-2002-0712

2004-02-0305:00:00

[email protected]

web.nvd.nist.gov

entrust

authority security manager

easm

password change

unauthorized access

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.9%

JSON

Entrust Authority Security Manager (EASM) 6.0 does not properly require multiple master users to change the password of a master user, which could allow a master user to perform operations that require multiple authorizations.

Affected configurations

NVD

Node

entrustentrust_authority_security_managerMatch5.0

entrustentrust_authority_security_managerMatch6.0

CPENameOperatorVersion
entrust:entrust_authority_security_managerentrust entrust authority security managereq5.0
entrust:entrust_authority_security_managerentrust entrust authority security managereq6.0

CPE	Name	Operator	Version
entrust:entrust_authority_security_manager	entrust entrust authority security manager	eq	5.0
entrust:entrust_authority_security_manager	entrust entrust authority security manager	eq	6.0

References

www.kb.cert.org/vuls/id/720017

www.kb.cert.org/vuls/id/AAMN-5KKVXC

www.securityfocus.com/bid/7284

exchange.xforce.ibmcloud.com/vulnerabilities/11724

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

6.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.9%

JSON

Related for CVE-2002-0712

cert1 cvelist1 nvd1