CVE-2000-0762

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2000-0762
The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://support.ca.com/techbases/eTrust/etrust_access_control-response.html
http://www.osvdb.org/1517
http://www.securityfocus.com/bid/1583 Patch Vendor Advisory
http://www.securityfocus.com/templates/archive.pike?list=1&msg=004601c003a1%24ba473260%24ddeaa2cd%40itradefair.net
https://exchange.xforce.ibmcloud.com/vulnerabilities/5076
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:broadcom:etrust_access_control:4.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_access_control:5.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_access_control:4.1:sp1:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_access_control:5.0:sp1:*:*:*:*:*:*
History

07 Nov 2023, 01:55

Type Values Removed Values Added
References
  • {'url': 'http://www.securityfocus.com/templates/archive.pike?list=1&msg=004601c003a1$ba473260$ddeaa2cd@itradefair.net', 'name': '20000811 eTrust Access Control - Root compromise for default install', 'tags': ['Patch', 'Vendor Advisory'], 'refsource': 'BUGTRAQ'}
  • () http://www.securityfocus.com/templates/archive.pike?list=1&msg=004601c003a1%24ba473260%24ddeaa2cd%40itradefair.net -

09 Apr 2021, 13:53

Type Values Removed Values Added
CPE cpe:2.3:a:ca:etrust_access_control:5.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_access_control:4.1:*:*:*:*:*:*:*		 cpe:2.3:a:broadcom:etrust_access_control:5.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_access_control:4.1:*:*:*:*:*:*:*
Information

Published : 2000-10-20 04:00

Updated : 2023-12-10 10:17

NVD link : CVE-2000-0762

Mitre link : CVE-2000-0762

CVE.ORG link : CVE-2000-0762

JSON object : View

Products Affected

broadcom

  • etrust_access_control

ca

  • etrust_access_control
CWE
NVD-CWE-Other