Lucene search

[email protected]CVE-2001-0347

HistorySep 18, 2001 - 4:00 a.m.

CVE-2001-0347

2001-09-1804:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0347

telnet service

windows 2000

information disclosure

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.1%

JSON

Information disclosure vulnerability in Microsoft Windows 2000 telnet service allows remote attackers to determine the existence of user accounts such as Guest, or log in to the server without specifying the domain name, via a malformed userid.

Affected configurations

NVD

Node

microsoftwindows_2000

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*

References

www.ciac.org/ciac/bulletins/l-092.shtml

www.osvdb.org/5686

www.securityfocus.com/bid/2847

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-031

exchange.xforce.ibmcloud.com/vulnerabilities/6665

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.021 Low

EPSS

Percentile

89.1%

JSON

Related for CVE-2001-0347

cvelist1 cert1 nvd1