Lucene search
HistoryAug 26, 2012 - 9:55 p.m.
CVE-2012-2146
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
5.8
Confidence
Low
EPSS
0.002
Percentile
60.8%
Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector (IV), which makes it easier for context-dependent users to obtain sensitive information and decrypt the database.
Affected configurations
Node
ematiaelixirMatch0.8.0
References
Related
debiancve
debiancve
CVE-2012-2146
2012-08-26 21:55:01
veracode
veracode
Insecure Cryptography
2024-05-03 09:32:15
fedora
fedora
[SECURITY] Fedora 19 Update: python-elixir-0.7.1-14.fc19
2014-09-09 22:20:53
[SECURITY] Fedora 20 Update: python-elixir-0.7.1-14.fc20
2014-09-09 22:17:17
osv
osv
PYSEC-2012-13
2012-08-26 21:55:00
ubuntucve
ubuntucve
CVE-2012-2146
2012-08-26 00:00:00
openvas
openvas
Fedora Update for python-elixir FEDORA-2014-9763
2014-09-10 00:00:00
Fedora Update for python-elixir FEDORA-2014-9752
2014-09-10 00:00:00
cvelist
cvelist
CVE-2012-2146
2012-08-26 21:00:00
github
github
Elixir can leak information due to weak use of crypto
2022-05-17 05:25:05
nessus
nessus
RHEL 6 : python-elixir (Unpatched Vulnerability)
2024-06-03 00:00:00
Fedora 19 : python-elixir-0.7.1-14.fc19 (2014-9752)
2014-09-10 00:00:00
Fedora 20 : python-elixir-0.7.1-14.fc20 (2014-9763)
2014-09-10 00:00:00
freebsd
freebsd
py39-Elixir -- weak use of cryptography
2012-08-26 00:00:00
prion
prion
Design/Logic Flaw
2012-08-26 21:55:00
cve
cve
CVE-2012-2146
2012-08-26 21:55:01
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
5.8
Confidence
Low
EPSS
0.002
Percentile
60.8%
Related for NVD:CVE-2012-2146