Vulnerability Description
BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Blackboard | Courseinfo | 4.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2000-07/0254.htmlVendor Advisory
- http://www.securityfocus.com/bid/1486ExploitPatchVendor Advisory
- http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4946
- http://archives.neohapsis.com/archives/bugtraq/2000-07/0254.htmlVendor Advisory
- http://www.securityfocus.com/bid/1486ExploitPatchVendor Advisory
- http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%
- https://exchange.xforce.ibmcloud.com/vulnerabilities/4946
FAQ
What is CVE-2000-0627?
CVE-2000-0627 is a vulnerability with a CVSS score of 7.5 (HIGH). BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs s...
How severe is CVE-2000-0627?
CVE-2000-0627 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0627?
Check the references section above for vendor advisories and patch information. Affected products include: Blackboard Courseinfo.