CVE-2001-0523
Severity:
Pending analysis
Type:
Unavailable / Other
Publication date:
14/08/2001
Last modified:
19/12/2017
Description
eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:eeye_digital_security:secureiis:1.0.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:eeye_digital_security:securells:*:*:*:*:*:*:*:* | 1.0.3 (including) |
To consult the complete list of CPE names with products and versions, see this page