CVE-2001-0972

2002-02-0205:00:00

mitre

www.cve.org

7 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.4%

JSON

Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. “0888888.”

References

marc.info/?l=bugtraq&m=99834088223352&w=2

www.securityfocus.com/bid/3210

exchange.xforce.ibmcloud.com/vulnerabilities/7011