CVE-2002-1682 — MEDIUM (5.5)

Vulnerability Description

NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users' newsgroup accounts.

CVSS Score

5.5

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Daansystems	Newsreactor	1.0

Related Weaknesses (CWE)

CWE-326

References

http://www.securiteam.com/windowsntfocus/5SP0P0K60C.htmlBroken LinkExploitVendor Advisory
http://www.securityfocus.com/bid/3927Broken LinkThird Party AdvisoryVDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/7968Third Party AdvisoryVDB Entry
http://www.securiteam.com/windowsntfocus/5SP0P0K60C.htmlBroken LinkExploitVendor Advisory
http://www.securityfocus.com/bid/3927Broken LinkThird Party AdvisoryVDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/7968Third Party AdvisoryVDB Entry

FAQ

What is CVE-2002-1682?

CVE-2002-1682 is a vulnerability with a CVSS score of 5.5 (MEDIUM). NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the passwords and gain access to other users' newsgroup accounts.

How severe is CVE-2002-1682?

CVE-2002-1682 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2002-1682?

Check the references section above for vendor advisories and patch information. Affected products include: Daansystems Newsreactor.