Lucene search

[email protected]CVE-2012-0435

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-0435

2022-10-0316:15:38

[email protected]

web.nvd.nist.gov

suse

webyast

cve-2012-0435

vulnerability

remote attack

man-in-the-middle

tcp port 4984

6.7 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

65.3%

JSON

SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984.

Affected configurations

NVD

Node

susewebyastMatch1.2

CPENameOperatorVersion
suse:webyastsuse webyasteq1.2

CPE	Name	Operator	Version
suse:webyast	suse webyast	eq	1.2

References

lists.opensuse.org/opensuse-security-announce/2013-01/msg00008.html

support.novell.com/security/cve/CVE-2012-0435.html

www.kb.cert.org/vuls/id/806908

bugzilla.novell.com/show_bug.cgi?id=792712

6.7 Medium

AI Score

Confidence

Low

5.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.003 Low

EPSS

Percentile

65.3%

JSON

Related for CVE-2012-0435

suse1 nvd1 cert1 nessus1 prion1 cvelist1