CVE DATABASE / CVE-2002-2323
CVE-2002-2323
CVSS 7.5 · HIGH
Summary
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions.
CVSS 3.1 breakdown
| Base score | 7.5 (HIGH) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | NONE |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | NONE |
| Availability | NONE |
Weakness type (CWE)
Affected products
Sun solaris pc netlink
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-27807-1
- http://www.iss.net/security_center/static/9665.php
- http://www.securityfocus.com/bid/5281
Data: NIST NVD. NVD last modified 2026-04-16. Always verify against the vendor advisory before acting.