CVE-2001-0845

Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://ftp.support.compaq.com/patches/.new/html/SSRT0738.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/3492
https://exchange.xforce.ibmcloud.com/vulnerabilities/7425

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:dec:dec_openvms:6.2_vax:::::::*
	cpe:2.3:a:dec:dec_openvms:7.1_vax:::::::*
	cpe:2.3:a:dec:dec_openvms_alpha:7.3:::::::*
	cpe:2.3:a:dec:sevms:6.2:::::::*
	cpe:2.3:a:dec:sevms_alpha:6.2:::::::*
	cpe:2.3:a:dec:dec_openvms:7.2_vax:::::::*
	cpe:2.3:a:dec:dec_openvms:7.3_vax:::::::*
	cpe:2.3:a:dec:dec_openvms_alpha:6.2:::::::*
	cpe:2.3:a:dec:dec_openvms_alpha:7.1.2:::::::*
	cpe:2.3:a:dec:dec_openvms_alpha:7.2.1h1:::::::*
	cpe:2.3:a:dec:dec_openvms_alpha:7.2.2:::::::*

Information

Published : 2001-12-05 21:00

Updated : 2017-12-18 18:29

NVD link : CVE-2001-0845

Mitre link : CVE-2001-0845

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

dec

sevms_alpha
dec_openvms
dec_openvms_alpha
sevms

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://ftp.support.compaq.com/patches/.new/html/SSRT0738.shtml", "name": "SSRT0738", "tags": ["Patch", "Vendor Advisory"], "refsource": "COMPAQ"}, {"url": "http://www.securityfocus.com/bid/3492", "name": "3492", "tags": [], "refsource": "BID"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7425", "name": "openvms-dms-unauthorized-access(7425)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2001-0845", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2001-12-06T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:dec:dec_openvms:6.2_vax:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dec:dec_openvms:7.1_vax:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dec:dec_openvms_alpha:7.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dec:sevms:6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dec:sevms_alpha:6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dec:dec_openvms:7.2_vax:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dec:dec_openvms:7.3_vax:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dec:dec_openvms_alpha:6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dec:dec_openvms_alpha:7.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dec:dec_openvms_alpha:7.2.1h1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:dec:dec_openvms_alpha:7.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-12-19T02:29Z"}