2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
47.5%
The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the NetuserChangePassword function.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft:windows_2000 | microsoft windows 2000 | eq | * |