CVE-2001-0986

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/archive/1/214217", "name": "20010914 Security Vulnerability with Microsoft Index Server 2.0(Sample file reveals file info, physical path etc)", "tags": ["Patch", "Vendor Advisory"], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/bid/3339", "name": "3339", "tags": ["Exploit", "Vendor Advisory"], "refsource": "BID"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7125", "name": "winnt-indexserver-sqlqhit-asp(7125)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2001-0986", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2001-09-14T04:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:microsoft:index_server:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-12-19T02:29Z"}