Vulnerability CVE-2012-4021

Vulnerability CVE-2012-4021

Published: 2012-11-08

Description:

MosP kintai kanri before 4.1.0 does not properly perform authentication, which allows remote authenticated users to impersonate arbitrary user accounts, and consequently obtain sensitive information or modify settings, via unspecified vectors.

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5.5/10	4.9/10	8/10

Exploit range	Attack complexity	Authentication
Remote	Low	Single time
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	None

Affected software
MOSP -> Kintai kanri

References:

http://www.securityfocus.com/bid/56369

http://secunia.com/advisories/51110

http://jvndb.jvn.jp/jvndb/JVNDB-2012-000097

http://jvn.jp/en/jp/JVN52264310/index.html

Copyright 2024, cxsecurity.com