published date: March 8, 2002

CVE-2002-0049 : Microsoft Exchange Server 2000...

Description

Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys.

Product(s):

Microsoft Exchange Server 2000

CVSS:6.4 [Critical]
EPSS:12.21%
Exploitability:10
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-2002-0049, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2002-0049 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://capec.mitre.org/data/definitions/122.html
https://capec.mitre.org/data/definitions/233.html
https://capec.mitre.org/data/definitions/58.html
https://nvd.nist.gov/vuln/detail/CVE-2002-0049

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales