CVE-2000-1173

{"id": "CVE-2000-1173", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2001-01-09T05:00:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0323.html", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/1977", "tags": ["Exploit", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information."}], "lastModified": "2008-09-05T20:22:50.167", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsys:cyberpatrol:4.04.003:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9009A873-47FF-43F8-8B2A-3E72A3E2E260"}, {"criteria": "cpe:2.3:a:microsys:cyberpatrol:4.04.005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CBC6E4F-4CB3-4BB2-9B49-A66962290EB2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}