Lucene search

[email protected]NVD:CVE-2001-1003

HistoryAug 31, 2001 - 4:00 a.m.

CVE-2001-1003

2001-08-3104:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

Percentile

0.4%

JSON

Respondus 1.1.2 for WebCT uses weak encryption to remember usernames and passwords, which allows local users who can read the WEBCT.SVR file to decrypt the passwords and gain additional privileges.

Affected configurations

Nvd

Node

webctrespondusMatch1.1.2

VendorProductVersionCPE
webctrespondus1.1.2cpe:2.3:a:webct:respondus:1.1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
webct	respondus	1.1.2	cpe:2.3:a:webct:respondus:1.1.2:::::::*

References

marc.info/?l=bugtraq&m=99859557930285&w=2

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2001-1003

exploitdb1 cve1 cvelist1