Lucene search

MitreCVE-2001-1098

HistorySep 01, 2004 - 4:00 a.m.

CVE-2001-1098

2004-09-0104:00:00

mitre

web.nvd.nist.gov

cisco

pix firewall manager

4.3(2)g

password

plaintext

pfm

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

Percentile

5.3%

JSON

Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file.

Affected configurations

Nvd

Node

ciscopix_firewall_managerMatch4.3\(2\)g

VendorProductVersionCPE
ciscopix_firewall_manager4.3(2)gcpe:2.3:a:cisco:pix_firewall_manager:4.3\(2\)g:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	pix_firewall_manager	4.3(2)g	cpe:2.3:a:cisco:pix_firewall_manager:4.3\(2\)g:::::::*

References

archives.neohapsis.com/archives/bugtraq/2001-10/0071.html

www.kb.cert.org/vuls/id/639507

www.securityfocus.com/bid/3419

exchange.xforce.ibmcloud.com/vulnerabilities/7265

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.4

Confidence

Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2001-1098