CVE-2002-0487

CVE-2002-0487 is a medium-severity vulnerability in Workforceroi Xpede with a CVSS 2.0 base score of 4.6. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.

Key facts

Description

Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache.

Frequently asked questions

What is CVE-2002-0487?
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache.
How severe is CVE-2002-0487?
CVE-2002-0487 has a CVSS 2.0 base score of 4.6, rated medium severity.
Is CVE-2002-0487 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (35th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2002-0487?
CVE-2002-0487 primarily affects Workforceroi Xpede. In total, 2 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
How do I fix CVE-2002-0487?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2002-0487 published?
CVE-2002-0487 was published on 2002-08-12 and last updated on 2026-06-16.

References

Affected products (2)

More vulnerabilities in Workforceroi Xpede

All CVEs affecting Workforceroi Xpede →