CVE-2001-0444 : Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts

Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information.

Published 2001-07-02 04:00:00

Updated 2017-10-10 01:29:44

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2001-0444

Probability of exploitation activity in the next 30 days: 0.07%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 27 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2001-0444

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
2.1	LOW	AV:L/AC:L/Au:N/C:P/I:N/A:N	3.9	2.9	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2001-0444

https://exchange.xforce.ibmcloud.com/vulnerabilities/6453
http://archives.neohapsis.com/archives/bugtraq/2001-04/0380.html

Exploit;Vendor Advisory
http://www.securityfocus.com/bid/2635

Exploit;Vendor Advisory

Products affected by CVE-2001-0444

Cisco » Cbos » Version: 2.3.053
cpe:2.3:o:cisco:cbos:2.3.053:*:*:*:*:*:*:*
Matching versions
Cisco » Cbos » Version: 2.4.1
cpe:2.3:o:cisco:cbos:2.4.1:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2001-0444

Exploit prediction scoring system (EPSS) score for CVE-2001-0444

CVSS scores for CVE-2001-0444

References for CVE-2001-0444

Products affected by CVE-2001-0444