Vulnerability Description
Microsoft Windows 2000 allows local users to bypass the policy that prohibits reusing old passwords by changing the current password before it expires, which does not enable the check for previous passwords.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
References
- http://online.securityfocus.com/archive/1/260704Vendor Advisory
- http://www.iss.net/security_center/static/8402.phpVendor Advisory
- http://www.securityfocus.com/bid/4256ExploitVendor Advisory
- http://online.securityfocus.com/archive/1/260704Vendor Advisory
- http://www.iss.net/security_center/static/8402.phpVendor Advisory
- http://www.securityfocus.com/bid/4256ExploitVendor Advisory
FAQ
What is CVE-2002-0443?
CVE-2002-0443 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Microsoft Windows 2000 allows local users to bypass the policy that prohibits reusing old passwords by changing the current password before it expires, which does not enable the check for previous pas...
How severe is CVE-2002-0443?
CVE-2002-0443 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0443?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000.