Lucene search

[email protected]NVD:CVE-2001-1044

HistoryJan 11, 2001 - 5:00 a.m.

CVE-2001-1044

2001-01-1105:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.028

Percentile

90.7%

JSON

Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the document root and does not restrict access, which could allows remote attackers to obtain sensitive information such as MySQL passwords and usernames from the mysql.class file.

Affected configurations

Nvd

Node

basilixbasilix_webmailMatch0.9.7_beta

VendorProductVersionCPE
basilixbasilix_webmail0.9.7_betacpe:2.3:a:basilix:basilix_webmail:0.9.7_beta:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
basilix	basilix_webmail	0.9.7_beta	cpe:2.3:a:basilix:basilix_webmail:0.9.7_beta:::::::*

References

www.securityfocus.com/archive/1/155897

www.securityfocus.com/bid/2198

exchange.xforce.ibmcloud.com/vulnerabilities/5934

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.028

Percentile

90.7%

JSON

Related for NVD:CVE-2001-1044

cvelist1 cve1 nessus1 exploitdb1