← CVECheck
HomeVulnerabilities

CVE-2002-0007 — HIGH severity vulnerability (CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows re)

CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server.

CVE IDCVE-2002-0007
SeverityHIGH
CVSS score10.0
CVSS vectorAV:N/AC:L/Au:N/C:C/I:C/A:C
CWENVD-CWE-Other
StatusModified
Published2002-01-31
Last modified2026-04-16
DescriptionCGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →