CVE-2000-0689

Опубликовано: 20 окт. 2000

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2000-08/0291.html
Exploit
Vendor Advisory
http://www.cgiscriptcenter.com/acctlite/
http://www.osvdb.org/13341
http://www.securityfocus.com/bid/1604
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5125
http://archives.neohapsis.com/archives/bugtraq/2000-08/0291.html
Exploit
Vendor Advisory
http://www.cgiscriptcenter.com/acctlite/
http://www.osvdb.org/13341
http://www.securityfocus.com/bid/1604
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/5125

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cgi_script_center:account_manager:lite_1.0:*:*:*:*:*:*:*

cpe:2.3:a:cgi_script_center:account_manager:pro_1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 92%

0.08447

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-hhgh-vxgw-ph3w

github

больше 3 лет назад