Lucene search

[email protected]CVE-2001-1151

HistoryMar 15, 2002 - 5:00 a.m.

CVE-2001-1151

2002-03-1505:00:00

[email protected]

web.nvd.nist.gov

trend micro officescan

cve-2001-1151

remote attacks

weak encrypted password

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.1%

JSON

Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access sensitive information from the hotdownload directory without authentication, such as the ofcscan.ini configuration file, which contains a weakly encrypted password.

Affected configurations

NVD

Node

trend_microofficescanMatchcorporate_3.53

trend_microvirus_busterMatchcorporate_3.53

CPENameOperatorVersion
trend_micro:officescantrend micro officescaneqcorporate_3.53
trend_micro:virus_bustertrend micro virus bustereqcorporate_3.53

CPE	Name	Operator	Version
trend_micro:officescan	trend micro officescan	eq	corporate_3.53
trend_micro:virus_buster	trend micro virus buster	eq	corporate_3.53

References

www.securityfocus.com/archive/1/220666

www.trendmicro.co.jp/esolution/solutionDetail.asp?solutionID=318

exchange.xforce.ibmcloud.com/vulnerabilities/7286

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.3 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.1%

JSON

Related for CVE-2001-1151

openvas2 nvd1 nessus1 cvelist1