CVE-2001-1404 — HIGH severity vulnerability (Bugzilla before 2.14 stores user passwords in plaintext and)
Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.
| CVE ID | CVE-2001-1404 |
|---|---|
| Severity | HIGH |
| CVSS score | 7.5 |
| CVSS vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2001-09-10 |
| Last modified | 2026-04-16 |
| Description | Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →