7.5
CVE-2001-1401
- EPSS 1.67%
- Veröffentlicht 10.09.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:12
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in (1) process_bug.cgi, (2) show_activity.cgi, (3) showvotes.cgi, (4) showdependencytree.cgi, (5) showdependencygraph.cgi, (6) showattachment.cgi, or (7) describecomponents.cgi.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.67% | 0.738 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://bugzilla.mozilla.org/show_bug.cgi?id=39524
http://bugzilla.mozilla.org/show_bug.cgi?id=39526
http://bugzilla.mozilla.org/show_bug.cgi?id=39527
http://bugzilla.mozilla.org/show_bug.cgi?id=39531
http://bugzilla.mozilla.org/show_bug.cgi?id=39533
http://bugzilla.mozilla.org/show_bug.cgi?id=70189
http://bugzilla.mozilla.org/show_bug.cgi?id=82781
http://marc.info/?l=bugtraq&m=99912899900567
http://www.redhat.com/support/errata/RHSA-2001-107.html