Lucene search

[email protected]CVE-2000-1069

HistoryJan 22, 2001 - 5:00 a.m.

CVE-2000-1069

2001-01-2205:00:00

[email protected]

web.nvd.nist.gov

cve-2000-1069

poll it 2.01

security vulnerability

remote access

admin functions

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.3 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

87.0%

JSON

pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters.

Affected configurations

NVD

Node

cgi-worldpoll_itMatch2.0

cgi-worldpoll_itMatch2.01

cgi-worldpoll_it_proMatch1.6

CPENameOperatorVersion
cgi-world:poll_itcgi-world poll iteq2.0
cgi-world:poll_itcgi-world poll iteq2.01
cgi-world:poll_it_procgi-world poll it proeq1.6

CPE	Name	Operator	Version
cgi-world:poll_it	cgi-world poll it	eq	2.0
cgi-world:poll_it	cgi-world poll it	eq	2.01
cgi-world:poll_it_pro	cgi-world poll it pro	eq	1.6

References

marc.info/?l=bugtraq&m=97236719315352&w=2

exchange.xforce.ibmcloud.com/vulnerabilities/5419

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.3 High

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

87.0%

JSON

Related for CVE-2000-1069

cvelist1 nvd1