Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2000-1209

Опубликовано: 12 авг. 2002
Источник: nvd
CVSS2: 10
EPSS Высокий

Описание

The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:compaq:insight_manager:7.0:*:*:*:*:*:*:*
cpe:2.3:a:compaq:insight_manager:7.0:sp1:*:*:*:*:*:*
cpe:2.3:a:compaq:insight_manager_xe:1.1:*:*:*:*:*:*:*
cpe:2.3:a:compaq:insight_manager_xe:1.21:*:*:*:*:*:*:*
cpe:2.3:a:compaq:insight_manager_xe:2.1:*:*:*:*:*:*:*
cpe:2.3:a:compaq:insight_manager_xe:2.1b:*:*:*:*:*:*:*
cpe:2.3:a:compaq:insight_manager_xe:2.1c:*:*:*:*:*:*:*
cpe:2.3:a:compaq:insight_manager_xe:2.2:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:data_engine:1.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:msde:2000:*:*:*:*:*:*:*

EPSS

Процентиль: 100%
0.89725
Высокий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-hwwv-vx36-7jpp

github
больше 3 лет назад

The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.

EPSS

Процентиль: 100%
0.89725
Высокий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other