CVE-2001-1302

EPSS 1.12%
Published 18.07.2001 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the NetuserChangePassword function.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Windows 2000

Microsoft ≫ Windows 2000 Updatesp1

Microsoft ≫ Windows 2000 Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.12%	0.775

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:P/A:N

http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0107&L=ntbugtraq&F=P&S=&P=1911

http://www.securityfocus.com/bid/3063

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/6876

https://nvd.nist.gov/vuln/detail/CVE-2001-1302

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2001-1302

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2001-1302

EUVD