7.5

CVE-2001-0948

EPSS 1.82%
Veröffentlicht 04.12.2001 05:00:00
Zuletzt bearbeitet 16.04.2026 00:27:16
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate's description, which is executed when the certificate is viewed.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Valicert ≫ Enterprise Validation Authority Version3.3

Valicert ≫ Enterprise Validation Authority Version3.4

Valicert ≫ Enterprise Validation Authority Version3.5

Valicert ≫ Enterprise Validation Authority Version3.6

Valicert ≫ Enterprise Validation Authority Version3.7

Valicert ≫ Enterprise Validation Authority Version3.8

Valicert ≫ Enterprise Validation Authority Version3.9

Valicert ≫ Enterprise Validation Authority Version4.0

Valicert ≫ Enterprise Validation Authority Version4.1

Valicert ≫ Enterprise Validation Authority Version4.2

Valicert ≫ Enterprise Validation Authority Version4.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.82%	0.821

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://marc.info/?l=bugtraq&m=100749428517090&w=2

http://www.valicert.com/support/security_advisory_eva.html

Vendor Advisory

URL Repurposed

http://www.securityfocus.com/bid/3619

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7650

https://nvd.nist.gov/vuln/detail/CVE-2001-0948

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2001-0948

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2001-0948

EUVD