Lucene search
MitreCVE-2001-1407HistoryApr 02, 2003 - 5:00 a.m.
CVE-2001-1407
2003-04-0205:00:00
mitre
web.nvd.nist.gov
34
cve-2001-1407
bugzilla
security checks bypass
bug marking
user access
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
High
EPSS
0.005
Percentile
76.0%
Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug.
Affected configurations
Node
mozillabugzillaMatch2.4
ORmozillabugzillaMatch2.6
ORmozillabugzillaMatch2.8
ORmozillabugzillaMatch2.10
ORmozillabugzillaMatch2.12
ORmozillabugzillaMatch2.14
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | bugzilla | 2.4 | cpe:2.3:a:mozilla:bugzilla:2.4:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.6 | cpe:2.3:a:mozilla:bugzilla:2.6:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.8 | cpe:2.3:a:mozilla:bugzilla:2.8:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.10 | cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.12 | cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:* |
| mozilla | bugzilla | 2.14 | cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
High
EPSS
0.005
Percentile
76.0%
Related for CVE-2001-1407