Lucene search
CertccCVE-2012-1828HistoryJun 13, 2012 - 7:55 p.m.
CVE-2012-1828
2012-06-1319:55:00
CWE-264
certcc
web.nvd.nist.gov
26
In Wild
cve-2012-1828
autoform
pdm archive
remote authentication
unauthorized access
hidden function
password change
nvd
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
68.5%
The administrative functions in AutoFORM PDM Archive before 7.1 do not have authorization requirements, which allows remote authenticated users to perform administrative actions by leveraging knowledge of a hidden function, as demonstrated by the password-change function.
Affected configurations
Node
efstechnologyautoform_pdm_archiveRange≤7.0
ORefstechnologyautoform_pdm_archiveMatch6.920
| Vendor | Product | Version | CPE |
|---|---|---|---|
| efstechnology | autoform_pdm_archive | * | cpe:2.3:a:efstechnology:autoform_pdm_archive:*:*:*:*:*:*:*:* |
| efstechnology | autoform_pdm_archive | 6.920 | cpe:2.3:a:efstechnology:autoform_pdm_archive:6.920:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2012-06-13 19:55:00
Design/Logic Flaw
2012-06-13 19:55:00
cvelist
cvelist
CVE-2012-1828
2012-06-13 19:00:00
CVE-2012-3347
2012-06-13 19:00:00
nvd
nvd
CVE-2012-1828
2012-06-13 19:55:00
CVE-2012-3347
2012-06-13 19:55:01
cve
cve
CVE-2012-3347
2012-06-13 19:55:01
attackerkb
attackerkb
CVE-2012-3347
2012-06-13 00:00:00
cert
cert
AutoFORM PDM Archive contains multiple vulnerabilities
2012-05-29 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
68.5%
Related for CVE-2012-1828