VDB
CVE-2001-0645
CVE-2001-0645
PUBLISHED
CVSS 7.5 HIGH
Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.
EPSS 1.34% · 80.4th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
1.34%
80.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| axent | netprowler | 3.5, 3.5.1 |
Timeline
- Aug 29, 2001 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Apr 30, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 27, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- netprowler-default-management-password(6537) vdb
- netprowler-default-odbc-password(6539) vdb
- 20010510 Corsaire Limited Security Advisory - Symantec/Axent NetProwler 3. 5.x password restrictions mailing-list
- 20010510 Corsaire Limited Security Advisory - Symantec/Axent NetProwler 3. 5.x database configuration mailing-list
- VU#508387 third-party-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2001-0645 advisory