Lucene search

[email protected]CVE-2002-1836

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-1836

2022-10-0316:23:46

[email protected]

web.nvd.nist.gov

xerox

docutech

6110

6115

nfs

world writable

permissions

vulnerability

remote attack

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.9%

JSON

The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files.

Affected configurations

NVD

Node

xeroxdocutech_6110

xeroxdocutech_6115

CPENameOperatorVersion
xerox:docutech_6110xerox docutech 6110eq*
xerox:docutech_6115xerox docutech 6115eq*

CPE	Name	Operator	Version
xerox:docutech_6110	xerox docutech 6110	eq	*
xerox:docutech_6115	xerox docutech 6115	eq	*

References

online.securityfocus.com/archive/1/273029

online.securityfocus.com/archive/1/273089

totally.righteous.net/jedgar/overview_of_security.pdf

www.iss.net/security_center/static/9108.php

www.securityfocus.com/bid/4765

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.9%

JSON

Related for CVE-2002-1836

nvd1 cvelist1