CVE-2000-0762 - The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, whi

CVE-2000-0762

Summary

The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges.

References

Vulnerable Configurations

cpe:2.3:a:broadcom:etrust_access_control:4.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_access_control:4.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_access_control:5.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_access_control:5.0:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_access_control:4.1:sp1:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_access_control:4.1:sp1:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_access_control:5.0:sp1:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_access_control:5.0:sp1:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 09-04-2021 - 13:53)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	1583
bugtraq	20000811 eTrust Access Control - Root compromise for default install
confirm	http://support.ca.com/techbases/eTrust/etrust_access_control-response.html
osvdb	1517
xf	etrust-access-control-default(5076)

Last major update

09-04-2021 - 13:53

Published

20-10-2000 - 04:00

Last modified

09-04-2021 - 13:53