exploitDog

CVE-2003-1169

Опубликовано: 31 дек. 2003

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013113.html
Exploit
Patch
http://www.securityfocus.com/bid/8950
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/13589
http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013113.html
Exploit
Patch
http://www.securityfocus.com/bid/8950
Exploit
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/13589

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:datev:nutzungskontrolle:2.1:*:*:*:*:*:*:*

cpe:2.3:a:datev:nutzungskontrolle:2.2:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00297

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-x5rr-h336-hq88

github

почти 4 года назад

DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.

EPSS

Процентиль: 53%

0.00297

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other