CVE-2002-0049

critical

Description

Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg key, which could allow remote attackers to read or modify registry keys.

References

Advisories
More

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1022

https://exchange.xforce.ibmcloud.com/vulnerabilities/8092

http://www.securityfocus.com/bid/4053

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-003

Details

Source: Mitre, NVD

Published: 2002-03-08

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

EPSS

EPSS: 0.11661

Detections

Analytics