Lucene search

[email protected]NVD:CVE-2001-1407

HistorySep 10, 2001 - 4:00 a.m.

CVE-2001-1407

2001-09-1004:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.3%

JSON

Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug.

Affected configurations

NVD

Node

mozillabugzillaMatch2.4

mozillabugzillaMatch2.6

mozillabugzillaMatch2.8

mozillabugzillaMatch2.10

mozillabugzillaMatch2.12

mozillabugzillaMatch2.14

References

bugzilla.mozilla.org/show_bug.cgi?id=96085

marc.info/?l=bugtraq&m=99912899900567

www.iss.net/security_center/static/10479.php

www.redhat.com/support/errata/RHSA-2001-107.html

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.3%

JSON

Related for NVD:CVE-2001-1407

cve1 cvelist1