Lucene search
HistoryFeb 21, 2012 - 1:31 p.m.
CVE-2012-0239
cve-2012-0239
uaddupadmin.asp
advantech
broadwin webaccess
authentication
remote attackers
password change
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.9 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.4%
uaddUpAdmin.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to modify an administrative password via a password-change request.
Affected configurations
Node
advantechadvantech_webaccessRange≤6.0
ORadvantechadvantech_webaccessMatch5.0
Related
cvelist
cvelist
CVE-2012-0239
2012-02-21 11:00:00
nvd
nvd
CVE-2012-0239
2012-02-21 13:31:57
prion
prion
Cross site request forgery (csrf)
2012-02-21 13:31:00
ics
ics
Advantech WebAccess Vulnerabilities (UPDATE A)
2018-08-27 12:00:00
nessus
nessus
Advantech WebAccess < 7.0-2009.06.29 Multiple Vulnerabilities
2015-08-28 00:00:00
Advantech WebAccess < 7.0-2009.06.29 Multiple Vulnerabilities
2017-02-14 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
6.9 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.4%
Related for CVE-2012-0239