MEDIUM🇵🇱 Wersja polska

CVE-2003-1169

CVSS 4.6v2.0pub. 2003-12-31upd. 2026-04-16

DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.

CVSS Vector
AV:L/AC:L/Au:N/C:P/I:P/A:P
  • Datev Nutzungskontrolle

    APP
    Datev
    2.12.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2011-5158HIGH9.3ten sam vendor

Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and DvInesLogFileViewer.Exe components in DA...

CVE-2010-0689HIGH10.0ten sam vendor

The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV Base Syst...

CVE-2023-33387MEDIUM6.1ten sam vendor

A reflected cross-site scripting (XSS) vulnerability in DATEV eG Personal-Management System Comfort/Comfort Pl...