PT-2002-1720 · Microsoft · Metadirectory Services

Published

2002-08-12

Updated

2018-10-12

CVE-2002-0697

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Microsoft Metadirectory Services (MMS) version 2.2

Description The issue allows remote attackers to bypass authentication and modify sensitive data. This is achieved by using an LDAP client to directly connect to MMS, thereby bypassing the checks for MMS credentials.

Recommendations For Microsoft Metadirectory Services (MMS) version 2.2, consider restricting direct LDAP connections to MMS as a temporary workaround until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0697

Affected Products

Metadirectory Services

PT-2002-1720 · Microsoft · Metadirectory Services

CVE-2002-0697

Related Identifiers

Affected Products

References · 4