← CVECheck
HomeVulnerabilities

CVE-2002-0810 — MEDIUM severity vulnerability (Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, direct)

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails.

CVE IDCVE-2002-0810
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2002-08-12
Last modified2026-04-16
DescriptionBugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →