Vulnerability Details CVE-2001-1407
Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://bugzilla.mozilla.org/show_bug.cgi?id=96085
- http://marc.info/?l=bugtraq&m=99912899900567
- http://www.iss.net/security_center/static/10479.php
- http://www.redhat.com/support/errata/RHSA-2001-107.html
- http://bugzilla.mozilla.org/show_bug.cgi?id=96085
- http://marc.info/?l=bugtraq&m=99912899900567
- http://www.iss.net/security_center/static/10479.php
- http://www.redhat.com/support/errata/RHSA-2001-107.html
Products affected by CVE-2001-1407
-
cpe:2.3:a:mozilla:bugzilla:2.10
-
cpe:2.3:a:mozilla:bugzilla:2.12
-
cpe:2.3:a:mozilla:bugzilla:2.14
-
cpe:2.3:a:mozilla:bugzilla:2.4
-
cpe:2.3:a:mozilla:bugzilla:2.6
-
cpe:2.3:a:mozilla:bugzilla:2.8