Lucene search

[email protected]NVD:CVE-2001-0948

HistoryDec 04, 2001 - 5:00 a.m.

CVE-2001-0948

2001-12-0405:00:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.6%

JSON

Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate’s description, which is executed when the certificate is viewed.

Affected configurations

NVD

Node

valicertenterprise_validation_authorityMatch3.3

valicertenterprise_validation_authorityMatch3.4

valicertenterprise_validation_authorityMatch3.5

valicertenterprise_validation_authorityMatch3.6

valicertenterprise_validation_authorityMatch3.7

valicertenterprise_validation_authorityMatch3.8

valicertenterprise_validation_authorityMatch3.9

valicertenterprise_validation_authorityMatch4.0

valicertenterprise_validation_authorityMatch4.1

valicertenterprise_validation_authorityMatch4.2

valicertenterprise_validation_authorityMatch4.2.1

References

marc.info/?l=bugtraq&m=100749428517090&w=2

www.securityfocus.com/bid/3619

www.valicert.com/support/security_advisory_eva.html

exchange.xforce.ibmcloud.com/vulnerabilities/7650

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.6%

JSON

Related for NVD:CVE-2001-0948

cve1 cvelist1