Vulnerability Details : CVE-2012-5940
The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza, when SSL is not enabled, allows remote attackers to discover credentials by sniffing the network during the authentication process.
Vulnerability category: BypassGain privilege
Products affected by CVE-2012-5940
- cpe:2.3:h:ibm:netezza:6.0.8:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:netezza:7.0:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:netezza:6.0.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-5940
0.23%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 61 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-5940
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
8.6
|
2.9
|
NIST |
CWE ids for CVE-2012-5940
-
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-5940
-
http://www-01.ibm.com/support/docview.wss?uid=swg21624568
IBM notice: The page you requested cannot be displayedVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/80535
IBM Netezza Platform Software insecure authentication CVE-2012-5940 Vulnerability Report
Jump to