CVE-2000-1209

Published Aug 12, 2002

Last updated a year ago

CVSS info 10.0

Overview

Description: The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:compaq:insight_manager:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "875427C5-D74E-4299-BD02-051D3D052F2F"
          },
          {
            "criteria": "cpe:2.3:a:compaq:insight_manager:7.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27B2FE40-2B7A-4707-86EF-FD7C6E2FEE3A"
          },
          {
            "criteria": "cpe:2.3:a:compaq:insight_manager_xe:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "034C9386-7576-4313-815F-6C0DFB90C38A"
          },
          {
            "criteria": "cpe:2.3:a:compaq:insight_manager_xe:1.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "803B702A-3D4D-4438-A182-B181BEA00270"
          },
          {
            "criteria": "cpe:2.3:a:compaq:insight_manager_xe:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87261CA0-1226-46EA-9725-23DFBB443067"
          },
          {
            "criteria": "cpe:2.3:a:compaq:insight_manager_xe:2.1b:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71C976B5-5B6C-40DC-8C9E-10283B2BCA29"
          },
          {
            "criteria": "cpe:2.3:a:compaq:insight_manager_xe:2.1c:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36FEFBCD-D125-49B9-804D-6F013E7C5937"
          },
          {
            "criteria": "cpe:2.3:a:compaq:insight_manager_xe:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C4C2153-508E-4A2A-8EFC-A2BA37FF9DBC"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:data_engine:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F455C373-A9F7-47F9-828E-DEE2C8CC6545"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:msde:2000:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FF06B44-FC10-49CD-954E-9C4058731A2A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References