| |
Vulnerability CVE-2012-5940
Published: 2013-02-20
| Description: |
The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza, when SSL is not enabled, allows remote attackers to discover credentials by sniffing the network during the authentication process. |
Type:
CWE-287 (Improper Authentication)
CVSS2 => (AV:N/AC:M/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.3/10 |
2.9/10 |
8.6/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
http://xforce.iss.net/xforce/xfdb/80535
http://www-01.ibm.com/support/docview.wss?uid=swg21624568
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
