CVE-2012-0706 : IBM Scale Out Network Attached Storage (SONAS) 1.3 before 1.3.2.3 requires clear

IBM Scale Out Network Attached Storage (SONAS) 1.3 before 1.3.2.3 requires cleartext storage of LDAP credentials without recommending a less privileged LDAP account, which might allow attackers to obtain sensitive server information by leveraging root access to a client machine.

Published 2013-04-07 17:55:01

Updated 2025-04-11 00:51:22

Source IBM Corporation

View at NVD, CVE.org

Products affected by CVE-2012-0706

IBM » Scale Out Network Attached Storage » Version: 1.3
cpe:2.3:h:ibm:scale_out_network_attached_storage:1.3:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2012-0706

EPSS FAQ

0.21%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 41 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2012-0706

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
3.5	LOW	AV:N/AC:M/Au:S/C:P/I:N/A:N	6.8	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2012-0706

CWE-255

Assigned by: nvd@nist.gov (Primary)
CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-0706

https://exchange.xforce.ibmcloud.com/vulnerabilities/73309

IBM SONAS LDAP credentials information disclosure CVE-2012-0706 Vulnerability Report
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004292

IBM notice: The page you requested cannot be displayed
Vendor Advisory

Jump to

Vulnerability Details : CVE-2012-0706

Products affected by CVE-2012-0706

Exploit prediction scoring system (EPSS) score for CVE-2012-0706

CVSS scores for CVE-2012-0706

CWE ids for CVE-2012-0706

References for CVE-2012-0706