Lucene search
HistoryNov 14, 2012 - 12:55 a.m.
CVE-2012-2531
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka “Password Disclosure Vulnerability.”
Affected configurations
Node
microsoftwindows_7Match-
ORmicrosoftwindows_7Match-sp1x64
ORmicrosoftwindows_7Match-sp1x86
ORmicrosoftwindows_server_2008r2itanium
ORmicrosoftwindows_server_2008r2x64
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:* |
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:* |
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2012-11-14 00:55:00
cvelist
cvelist
CVE-2012-2531
2012-11-14 00:00:00
cve
cve
CVE-2012-2531
2012-11-14 00:55:01
symantec
symantec
Microsoft IIS CVE-2012-2531 Password Information Disclosure Vulnerability
2012-11-13 00:00:00
seebug
seebug
Microsoft IIS 密码信息泄露漏洞(MS12-073)
2012-11-19 00:00:00
openvas
openvas
securityvulns
securityvulns
Microsoft Internet Information Services security vulnerabilities
2012-11-18 00:00:00
nessus
nessus
mskb
mskb
myhack58
myhack58
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
5.1%
Related for NVD:CVE-2012-2531