Vulnerability Description
The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a user community that was intended to be closed.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fraunhofer Fit | Bscw | 3.4 |
References
- http://www.iss.net/security_center/static/7775.phpVendor Advisory
- http://www.securityfocus.com/archive/1/248000Vendor Advisory
- http://www.securityfocus.com/bid/3777ExploitVendor Advisory
- http://www.iss.net/security_center/static/7775.phpVendor Advisory
- http://www.securityfocus.com/archive/1/248000Vendor Advisory
- http://www.securityfocus.com/bid/3777ExploitVendor Advisory
FAQ
What is CVE-2002-0095?
CVE-2002-0095 is a vulnerability with a CVSS score of 7.5 (HIGH). The default configuration of BSCW (Basic Support for Cooperative Work) 3.x and possibly version 4 enables user self registration, which could allow remote attackers to upload files and possibly join a...
How severe is CVE-2002-0095?
CVE-2002-0095 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0095?
Check the references section above for vendor advisories and patch information. Affected products include: Fraunhofer Fit Bscw.