Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2001-0870
HistoryDec 21, 2001 - 5:00 a.m.

CVE-2001-0870

2001-12-2105:00:00
[email protected]
web.nvd.nist.gov
1

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.004

Percentile

73.1%

JSON

HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.ini file.

Affected configurations

Nvd
Node
alchemy_labalchemy_eyeMatch1.9
OR
alchemy_labalchemy_eyeMatch2.0
OR
alchemy_labalchemy_eyeMatch2.1
OR
alchemy_labalchemy_eyeMatch2.2
OR
alchemy_labalchemy_eyeMatch2.3
OR
alchemy_labalchemy_eyeMatch2.4
OR
alchemy_labalchemy_eyeMatch2.5
OR
alchemy_labalchemy_eyeMatch2.6
OR
alchemy_labalchemy_eyeMatch2.6.18
OR
dek_softwarealchemy_network_monitorRange2.6.18
VendorProductVersionCPE
alchemy_labalchemy_eye1.9cpe:2.3:a:alchemy_lab:alchemy_eye:1.9:*:*:*:*:*:*:*
alchemy_labalchemy_eye2.0cpe:2.3:a:alchemy_lab:alchemy_eye:2.0:*:*:*:*:*:*:*
alchemy_labalchemy_eye2.1cpe:2.3:a:alchemy_lab:alchemy_eye:2.1:*:*:*:*:*:*:*
alchemy_labalchemy_eye2.2cpe:2.3:a:alchemy_lab:alchemy_eye:2.2:*:*:*:*:*:*:*
alchemy_labalchemy_eye2.3cpe:2.3:a:alchemy_lab:alchemy_eye:2.3:*:*:*:*:*:*:*
alchemy_labalchemy_eye2.4cpe:2.3:a:alchemy_lab:alchemy_eye:2.4:*:*:*:*:*:*:*
alchemy_labalchemy_eye2.5cpe:2.3:a:alchemy_lab:alchemy_eye:2.5:*:*:*:*:*:*:*
alchemy_labalchemy_eye2.6cpe:2.3:a:alchemy_lab:alchemy_eye:2.6:*:*:*:*:*:*:*
alchemy_labalchemy_eye2.6.18cpe:2.3:a:alchemy_lab:alchemy_eye:2.6.18:*:*:*:*:*:*:*
dek_softwarealchemy_network_monitor*cpe:2.3:a:dek_software:alchemy_network_monitor:*:*:*:*:*:*:*:*

Related

securityvulns 1
cvelist 1
cve 1
securityvulns
securityvulns
Rapid 7 Advisory R7-0002: Alchemy Eye Remote Unauthenticated Log Viewing
2001-12-01 00:00:00
cvelist
cvelist
CVE-2001-0870
2001-11-30 05:00:00
cve
cve
CVE-2001-0870
2001-12-21 05:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

0.004

Percentile

73.1%

JSON
Related for NVD:CVE-2001-0870
securityvulns1cvelist1cve1