Lucene search

[email protected]CVE-2012-3506

HistoryOct 25, 2012 - 10:51 a.m.

CVE-2012-3506

2012-10-2510:51:28

[email protected]

web.nvd.nist.gov

cve

2012

3506

apache

open for business

ofbiz

vulnerability

unspecified

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.9%

JSON

Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.

Affected configurations

NVD

Node

apacheofbizMatch10.04.01

apacheofbizMatch10.04.02

CPENameOperatorVersion
apache:ofbizapache ofbizeq10.04.01
apache:ofbizapache ofbizeq10.04.02

CPE	Name	Operator	Version
apache:ofbiz	apache ofbiz	eq	10.04.01
apache:ofbiz	apache ofbiz	eq	10.04.02

References

ofbiz.apache.org/download.html#vulnerabilities

osvdb.org/86556

seclists.org/fulldisclosure/2012/Oct/156

www.securityfocus.com/bid/56171

exchange.xforce.ibmcloud.com/vulnerabilities/79540

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.7 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.9%

JSON

Related for CVE-2012-3506

prion1 cvelist1 nvd1