5

CVE-2001-0003

EPSS 36.28%
Published 12.02.2001 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Office Version2000

Microsoft ≫ Windows 2000

Microsoft ≫ Windows Me

Microsoft ≫ Windows Nt

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	36.28%	0.97

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.securityfocus.com/bid/2199

Patch

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-001

https://exchange.xforce.ibmcloud.com/vulnerabilities/5920

https://nvd.nist.gov/vuln/detail/CVE-2001-0003

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2001-0003

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2001-0003

EUVD