Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-2173
HistoryJun 20, 2012 - 10:27 a.m.

CVE-2012-2173

2012-06-2010:27:28
CWE-255
[email protected]
web.nvd.nist.gov
15
cve-2012-2173
ibm security appscan source
odbc driver
sha-1 hash
soliddb database
remote attackers
sensitive information
network sniffing
nvd

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

68.4%

JSON

The ODBC driver in IBM Security AppScan Source 7.x and 8.x before 8.6 sends an SHA-1 hash of the connection password during connections to a solidDB database, which allows remote attackers to obtain sensitive information by sniffing the network.

Affected configurations

NVD
Node
ibmsecurity_appscan_sourceMatch7.0
OR
ibmsecurity_appscan_sourceMatch8.0
OR
ibmsecurity_appscan_sourceMatch8.0.0.1
OR
ibmsecurity_appscan_sourceMatch8.0.0.2
OR
ibmsecurity_appscan_sourceMatch8.5
OR
ibmsecurity_appscan_sourceMatch8.5.0.1

Related

prion 1
nvd 1
cvelist 1
prion
prion
Default credentials
2012-06-20 10:27:00
nvd
nvd
CVE-2012-2173
2012-06-20 10:27:28
cvelist
cvelist
CVE-2012-2173
2012-06-20 10:00:00

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

68.4%

JSON
Related for CVE-2012-2173
prion1nvd1cvelist1