CVE-2002-2323

{"id": "CVE-2002-2323", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2002-12-31T05:00:00.000", "references": [{"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-27807-1", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "http://www.iss.net/security_center/static/9665.php", "tags": ["Broken Link"], "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/5281", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "[email protected]"}, {"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-27807-1", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.iss.net/security_center/static/9665.php", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/5281", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-59"}, {"lang": "en", "value": "CWE-281"}]}], "descriptions": [{"lang": "en", "value": "Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sun:solaris_pc_netlink:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5FE28A56-09A2-4295-B9AC-D0B761D8967E", "versionEndIncluding": "1.2", "versionStartIncluding": "1.0"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}