Lucene search

[email protected]NVD:CVE-2001-0208

HistoryJun 02, 2001 - 4:00 a.m.

CVE-2001-0208

2001-06-0204:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

Percentile

0.4%

JSON

MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.

Affected configurations

Nvd

Node

microfocuscobolMatch4.1

VendorProductVersionCPE
microfocuscobol4.1cpe:2.3:a:microfocus:cobol:4.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
microfocus	cobol	4.1	cpe:2.3:a:microfocus:cobol:4.1:::::::*

References

archives.neohapsis.com/archives/bugtraq/2001-02/0205.html

www.securityfocus.com/bid/2359

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.6

Confidence

High

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2001-0208

cvelist1 exploitdb1 cve1