CVE-2001-0748 — Vulnetix

CVE-2001-0748 PUBLISHED CVSS 5 MEDIUM

Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.

EPSS 12.38% · 94.0th percentile

Risk Scores

CVSS 2.0

EPSS Score

12.38%

94.0th percentile

Affected Products

Vendor	Product	Versions
acme_labs	acme_server	1.7
n/a	n/a	*

Exploit Intelligence

20020702 Cisco Secure ACS Unix Acme.server Information Disclosure Vulnerability (circl)
2809 (circl)
20010531 Acme.Server v1.7 of 13nov96 Directory Browsing (circl)
acme-serve-directory-traversal(6634) (circl)
5544 (circl)

Timeline

Oct 18, 2001 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Oct 27, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 9, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 3, 2023 EPSS Score
Jul 17, 2023 EPSS Score
Sep 8, 2023 EPSS Score

References

20020702 Cisco Secure ACS Unix Acme.server Information Disclosure Vulnerability vendor-advisory
2809 vdb
20010531 Acme.Server v1.7 of 13nov96 Directory Browsing mailing-list
acme-serve-directory-traversal(6634) vdb
5544 vdb
https://nvd.nist.gov/vuln/detail/CVE-2001-0748 advisory

Open in Interactive Console →