Vulnerability Details : CVE-2002-0443
Microsoft Windows 2000 allows local users to bypass the policy that prohibits reusing old passwords by changing the current password before it expires, which does not enable the check for previous passwords.
Exploit prediction scoring system (EPSS) score for CVE-2002-0443
Probability of exploitation activity in the next 30 days: 0.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 12 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2002-0443
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
References for CVE-2002-0443
-
http://online.securityfocus.com/archive/1/260704
Vendor Advisory
-
http://www.securityfocus.com/bid/4256
Exploit;Vendor Advisory
-
http://www.iss.net/security_center/static/8402.php
Vendor Advisory
Products affected by CVE-2002-0443
- cpe:2.3:o:microsoft:windows_2000:*:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:*:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_2000:*:sp2:*:*:*:*:*:*