CVE-2001-1233
CVE-2001-1233 is a medium-severity vulnerability in Novell Groupwise Webaccess with a CVSS 2.0 base score of 5.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 5.0)
- EPSS exploit prediction: 2% (73rd percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Novell Groupwise Webaccess
- Published:
- Last modified:
Description
Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
Frequently asked questions
- What is CVE-2001-1233?
- Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.
- How severe is CVE-2001-1233?
- CVE-2001-1233 has a CVSS 2.0 base score of 5.0, rated medium severity.
- Is CVE-2001-1233 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (73rd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2001-1233?
- CVE-2001-1233 primarily affects Novell Groupwise Webaccess. In total, 2 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2001-1233?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2001-1233 published?
- CVE-2001-1233 was published on 2001-08-14 and last updated on 2026-06-16.
References
- http://www.securityfocus.com/archive/1/204875
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6987
Affected products (2)
- cpe:2.3:a:novell:groupwise_webaccess:5.5:*:*:*:*:*:*:*
- cpe:2.3:o:novell:netware:5.1:*:*:*:*:*:*:*
More vulnerabilities in Novell Groupwise Webaccess
- CVE-2005-0296 — Medium (CVSS 5.0): NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote…
- CVE-2007-4557 — Medium (CVSS 4.3): Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote…
- CVE-2006-4220 — Medium (CVSS 4.3): Multiple cross-site scripting (XSS) vulnerabilities in webacc in Novell GroupWise WebAccess before 7 Support Pack 3…
- CVE-2006-3817 — Medium (CVSS 4.3): Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 allows remote…
- CVE-2006-3818 — Medium (CVSS 4.3): Cross-site scripting (XSS) vulnerability in the login page in Novell GroupWise WebAccess 6.5 before 20060721 and…
- CVE-2005-2276 — Medium (CVSS 4.3): Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers…