PT-2001-2502 · Bugzilla · Bugzilla

Published

2001-09-10

Updated

2016-10-18

CVE-2001-1403

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Bugzilla versions prior to 2.14

Description The issue allows attackers to gain privileges by reading the information from the web server logs, or by observing the web browser's location bar, as the username and password are included in URLs.

Recommendations For versions prior to 2.14, update to version 2.14 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-1403

Affected Products

Bugzilla

PT-2001-2502 · Bugzilla · Bugzilla

CVE-2001-1403

Related Identifiers

Affected Products

References · 5