VAR-200110-0013
Vulnerability from variot - Updated: 2025-04-03 22:41Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file. A malicious user could use this password to connect to the PIX Firewall and make configuration changes. It is important to note that a malicious user would have to obtain access to the local workstation in order to exploit this vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200110-0013",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pix firewall manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.3\\(2\\)g"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "pix firewall manager g",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#639507"
},
{
"db": "BID",
"id": "3419"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-038"
},
{
"db": "NVD",
"id": "CVE-2001-1098"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was reported to BugTraq by Florencio Umel \u003cfumel@novacoast.com\u003e.",
"sources": [
{
"db": "BID",
"id": "3419"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-038"
}
],
"trust": 0.9
},
"cve": "CVE-2001-1098",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2001-1098",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-3903",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2001-1098",
"trust": 1.0,
"value": "LOW"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#639507",
"trust": 0.8,
"value": "6.28"
},
{
"author": "CNNVD",
"id": "CNNVD-200110-038",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-3903",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#639507"
},
{
"db": "VULHUB",
"id": "VHN-3903"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-038"
},
{
"db": "NVD",
"id": "CVE-2001-1098"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file. \nA malicious user could use this password to connect to the PIX Firewall and make configuration changes. \nIt is important to note that a malicious user would have to obtain access to the local workstation in order to exploit this vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1098"
},
{
"db": "CERT/CC",
"id": "VU#639507"
},
{
"db": "BID",
"id": "3419"
},
{
"db": "VULHUB",
"id": "VHN-3903"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "3419",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#639507",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2001-1098",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200110-038",
"trust": 0.7
},
{
"db": "XF",
"id": "7265",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20011010 VULNERABILITY: CISCO PIX FIREWALL MANAGER",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-3903",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#639507"
},
{
"db": "VULHUB",
"id": "VHN-3903"
},
{
"db": "BID",
"id": "3419"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-038"
},
{
"db": "NVD",
"id": "CVE-2001-1098"
}
]
},
"id": "VAR-200110-0013",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-3903"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:41:59.464000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2001-1098"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/3419"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-10/0071.html"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/639507"
},
{
"trust": 1.1,
"url": "http://www.cisco.com/warp/public/cc/pd/fw/sqfw500/prodlit/pixdm_ds.htm"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7265"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/archive/1/219781"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/static/7265.php"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/warp/public/110/41.shtml"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#639507"
},
{
"db": "VULHUB",
"id": "VHN-3903"
},
{
"db": "BID",
"id": "3419"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-038"
},
{
"db": "NVD",
"id": "CVE-2001-1098"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#639507"
},
{
"db": "VULHUB",
"id": "VHN-3903"
},
{
"db": "BID",
"id": "3419"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-038"
},
{
"db": "NVD",
"id": "CVE-2001-1098"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-12T00:00:00",
"db": "CERT/CC",
"id": "VU#639507"
},
{
"date": "2001-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-3903"
},
{
"date": "2001-10-10T00:00:00",
"db": "BID",
"id": "3419"
},
{
"date": "2001-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-038"
},
{
"date": "2001-10-10T04:00:00",
"db": "NVD",
"id": "CVE-2001-1098"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2001-10-31T00:00:00",
"db": "CERT/CC",
"id": "VU#639507"
},
{
"date": "2017-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-3903"
},
{
"date": "2001-10-10T00:00:00",
"db": "BID",
"id": "3419"
},
{
"date": "2005-05-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200110-038"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2001-1098"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "3419"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-038"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco PIX Firewall Manager Plaintext Password Vulnerability",
"sources": [
{
"db": "BID",
"id": "3419"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-038"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "3419"
},
{
"db": "CNNVD",
"id": "CNNVD-200110-038"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…