CVE-2002-0007 — HIGH severity vulnerability (CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows re)
CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server.
| CVE ID | CVE-2002-0007 |
|---|---|
| Severity | HIGH |
| CVSS score | 10.0 |
| CVSS vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2002-01-31 |
| Last modified | 2026-04-16 |
| Description | CGI.pl in Bugzilla before 2.14.1, when using LDAP, allows remote attackers to obtain an anonymous bind to the LDAP server via a request that does not include a password, which causes a null password to be sent to the LDAP server. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →