CVE-2000-0944

High

7.5/10

Summary

CGI Script Center News Update 1.1 does not properly validate the original news administration password during a password change operation, which allows remote attackers to modify the password without knowing the original password.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Dec 19, 2000

CVE-2000-0944

Summary

References

Advisory Timeline

CodeBashing

ChainJacking

KICS CLI