Lucene search

[email protected]CVE-2002-0790

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0790

2002-08-1204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

aix

vulnerability

cve-2002-0790

nvd

local privilege escalation

7.5 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.

CPENameOperatorVersion
ibm:aixibm aixeq*

CPE	Name	Operator	Version
ibm:aix	ibm aix	eq	*

References

techsupport.services.ibm.com/server/aix.uhuic_getrec?args=DVsteamboat.boulder.ibm.com+DBAIX2+DA6854+STIY24556+USbin

7.5 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON