CVE-2001-1499

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/archive/1/222366", "name": "20011023 Check Point VPN-1 SecuRemote Flaw", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/222479", "name": "20011024 RE: Check Point VPN-1 SecuRemote Flaw", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/bid/3470", "name": "3470", "tags": [], "refsource": "BID"}, {"url": "http://www.osvdb.org/20210", "name": "20210", "tags": [], "refsource": "OSVDB"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7343", "name": "vpn1-securemote-brute-force(7343)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2001-1499", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2001-12-31T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:checkpoint:vpn-1:4.1:sp4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:29Z"}