Lucene search

MitreCVE-2001-0372

HistoryJun 18, 2001 - 4:00 a.m.

CVE-2001-0372

2001-06-1804:00:00

mitre

web.nvd.nist.gov

akopia interchange

cve-2001-0372

demo stores

access vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.009

Percentile

82.7%

JSON

Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a default group account :backup with no password, which allows a remote attacker to gain administrative access via the demo stores (1) barry, (2) basic, or (3) construct.

Affected configurations

Nvd

Node

akopiaakopia_interchangeRange≤4.6.3

akopiaakopia_interchangeMatch4.5.3

VendorProductVersionCPE
akopiaakopia_interchange*cpe:2.3:a:akopia:akopia_interchange:*:*:*:*:*:*:*:*
akopiaakopia_interchange4.5.3cpe:2.3:a:akopia:akopia_interchange:4.5.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
akopia	akopia_interchange	*	cpe:2.3:a:akopia:akopia_interchange::::::::
akopia	akopia_interchange	4.5.3	cpe:2.3:a:akopia:akopia_interchange:4.5.3:::::::*

References

archives.neohapsis.com/archives/bugtraq/2001-03/0337.html

lists.akopia.com/pipermail/interchange-announce/2001/000009.html

www.securityfocus.com/bid/2499

exchange.xforce.ibmcloud.com/vulnerabilities/6273

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.009

Percentile

82.7%

JSON

Related for CVE-2001-0372