Lucene search

[email protected]NVD:CVE-2012-2678

HistoryJul 03, 2012 - 4:40 p.m.

CVE-2012-2678

2012-07-0316:40:33

CWE-310

[email protected]

web.nvd.nist.gov

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.1%

JSON

389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.

Affected configurations

NVD

Node

redhatdirectory_serverRange≤8.2

redhatdirectory_serverMatch7.1

redhatdirectory_serverMatch8.0

redhatdirectory_serverMatch8.1

Node

fedoraproject389_directory_serverRange≤1.2.11.5

fedoraproject389_directory_serverMatch1.2.1

fedoraproject389_directory_serverMatch1.2.2

fedoraproject389_directory_serverMatch1.2.3

fedoraproject389_directory_serverMatch1.2.5

fedoraproject389_directory_serverMatch1.2.5rc1

fedoraproject389_directory_serverMatch1.2.5rc2

fedoraproject389_directory_serverMatch1.2.5rc3

fedoraproject389_directory_serverMatch1.2.5rc4

fedoraproject389_directory_serverMatch1.2.6

fedoraproject389_directory_serverMatch1.2.6a2

fedoraproject389_directory_serverMatch1.2.6a3

fedoraproject389_directory_serverMatch1.2.6a4

fedoraproject389_directory_serverMatch1.2.6rc1

fedoraproject389_directory_serverMatch1.2.6rc2

fedoraproject389_directory_serverMatch1.2.6rc3

fedoraproject389_directory_serverMatch1.2.6rc6

fedoraproject389_directory_serverMatch1.2.6rc7

fedoraproject389_directory_serverMatch1.2.6.1

fedoraproject389_directory_serverMatch1.2.7alpha3

fedoraproject389_directory_serverMatch1.2.7.5

fedoraproject389_directory_serverMatch1.2.8alpha1

fedoraproject389_directory_serverMatch1.2.8alpha2

fedoraproject389_directory_serverMatch1.2.8alpha3

fedoraproject389_directory_serverMatch1.2.8rc1

fedoraproject389_directory_serverMatch1.2.8rc2

fedoraproject389_directory_serverMatch1.2.8.1

fedoraproject389_directory_serverMatch1.2.8.2

fedoraproject389_directory_serverMatch1.2.8.3

fedoraproject389_directory_serverMatch1.2.9.9

fedoraproject389_directory_serverMatch1.2.10alpha8

fedoraproject389_directory_serverMatch1.2.10rc1

fedoraproject389_directory_serverMatch1.2.10.1

fedoraproject389_directory_serverMatch1.2.10.2

fedoraproject389_directory_serverMatch1.2.10.3

fedoraproject389_directory_serverMatch1.2.10.4

fedoraproject389_directory_serverMatch1.2.10.7

fedoraproject389_directory_serverMatch1.2.11.1

References

directory.fedoraproject.org/wiki/Release_Notes

osvdb.org/83336

rhn.redhat.com/errata/RHSA-2012-0997.html

rhn.redhat.com/errata/RHSA-2012-1041.html

secunia.com/advisories/49734

www.securityfocus.com/bid/54153

h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03772083

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19353

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.1%

JSON

Related for NVD:CVE-2012-2678

debiancve1 ubuntucve1 veracode2 prion1 cve1 cvelist1 nessus5 openvas5 redhat2 securityvulns2 oraclelinux1 centos1