← CVECheck
HomeVulnerabilities

CVE-2001-1404 — HIGH severity vulnerability (Bugzilla before 2.14 stores user passwords in plaintext and)

Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.

CVE IDCVE-2001-1404
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-09-10
Last modified2026-04-16
DescriptionBugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →