Vulnerability Description
Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Brightstation | Muscat Empower | 1.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-02/0216.htmlExploitVendor Advisory
- http://www.securityfocus.com/bid/2374ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6093
- http://archives.neohapsis.com/archives/bugtraq/2001-02/0216.htmlExploitVendor Advisory
- http://www.securityfocus.com/bid/2374ExploitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6093
FAQ
What is CVE-2001-0224?
CVE-2001-0224 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter.
How severe is CVE-2001-0224?
CVE-2001-0224 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-0224?
Check the references section above for vendor advisories and patch information. Affected products include: Brightstation Muscat Empower.