Lucene search

[email protected]CVE-2002-1731

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1731

2002-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

ibm as/400

system request menu

user accounts

object names

usrprf

information security

nvd

6.8 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON

The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the object names that are type USRPRF.

CPENameOperatorVersion
ibm:os_400ibm os 400eqv4r5
ibm:os_400ibm os 400eqv4r4
ibm:os_400ibm os 400eqv4r3
ibm:os_400ibm os 400eqv5r1
ibm:os_400ibm os 400eqv4r2

CPE	Name	Operator	Version
ibm:os_400	ibm os 400	eq	v4r5
ibm:os_400	ibm os 400	eq	v4r4
ibm:os_400	ibm os 400	eq	v4r3
ibm:os_400	ibm os 400	eq	v5r1
ibm:os_400	ibm os 400	eq	v4r2

References

securitytracker.com/id?1003507

www.securityfocus.com/bid/4059

exchange.xforce.ibmcloud.com/vulnerabilities/8179

6.8 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

0.4%

JSON