Lucene search

[email protected]CVE-2004-2436

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2436

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

computer associates

unicenter

common services

cve-2004-2436

password storage

privilege escalation

7.5 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Computer Associates Unicenter Common Services 3.0 and earlier stores the database “SA” password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges.

CPENameOperatorVersion
broadcom:common_servicesbroadcom common serviceseq1.0
broadcom:common_servicesbroadcom common serviceseq1.1
broadcom:common_servicesbroadcom common serviceseq2.0
broadcom:common_servicesbroadcom common serviceseq2.1
broadcom:common_servicesbroadcom common serviceseq2.2
broadcom:common_servicesbroadcom common serviceseq3.0
broadcom:unicenter_network_and_systems_managementbroadcom unicenter network and systems managementeq3.0
broadcom:unicenter_serviceplus_service_deskbroadcom unicenter serviceplus service deskeq6.0

CPE	Name	Operator	Version
broadcom:common_services	broadcom common services	eq	1.0
broadcom:common_services	broadcom common services	eq	1.1
broadcom:common_services	broadcom common services	eq	2.0
broadcom:common_services	broadcom common services	eq	2.1
broadcom:common_services	broadcom common services	eq	2.2
broadcom:common_services	broadcom common services	eq	3.0
broadcom:unicenter_network_and_systems_management	broadcom unicenter network and systems management	eq	3.0
broadcom:unicenter_serviceplus_service_desk	broadcom unicenter serviceplus service desk	eq	6.0

References

osvdb.org/displayvuln.php?osvdb_id=10408

secunia.com/advisories/12639/

securitytracker.com/id?1011468

www.securityfocus.com/bid/11277

exchange.xforce.ibmcloud.com/vulnerabilities/17562

7.5 High

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON