CVE-2012-2455

2022-10-0316:15:38

mitre

www.cve.org

productivity software

dte axiom

authentication bypass

remote attackers

data modification

6.9 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

67.9%

JSON

Advanced Productivity Software DTE Axiom before 12.3.3 does not validate the registration ID, which allows remote attackers to bypass authentication and read or modify data about users, customers, and projects via unspecified vectors.

References

seclists.org/fulldisclosure/2012/Sep/62

secunia.com/advisories/50508

www.osvdb.org/85499