CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0225

tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.5%

CVSS Severity

CVSS v2 Score 4.6

References

http://online.securityfocus.com/archive/1/253288
http://www.iss.net/security_center/static/8061.php
http://www.securityfocus.com/bid/4003
http://online.securityfocus.com/archive/1/253288
http://www.iss.net/security_center/static/8061.php
http://www.securityfocus.com/bid/4003

Products affected by CVE-2002-0225

Cisco » Tacacs+ » Version: f4.0.4alpha

cpe:2.3:a:cisco:tacacs+:f4.0.4alpha

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0225

Products

Pricing

Contact Us