Vulnerability Description
The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Elsa | Lancom 1100 Office | 0.0 |
References
- http://www.iss.net/security_center/static/7739.phpVendor Advisory
- http://www.securityfocus.com/archive/1/247274PatchVendor Advisory
- http://www.securityfocus.com/bid/3746Vendor Advisory
- http://www.iss.net/security_center/static/7739.phpVendor Advisory
- http://www.securityfocus.com/archive/1/247274PatchVendor Advisory
- http://www.securityfocus.com/bid/3746Vendor Advisory
FAQ
What is CVE-2001-1223?
CVE-2001-1223 is a vulnerability with a CVSS score of 10.0 (HIGH). The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server.
How severe is CVE-2001-1223?
CVE-2001-1223 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1223?
Check the references section above for vendor advisories and patch information. Affected products include: Elsa Lancom 1100 Office.