Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Prion
Prionadded 2006/03/14 1:6 a.m.15 views

Design/Logic Flaw

IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP address with the ns database account, which allows remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. NOTE: IBM has private...

7.5CVSS7.1AI score0.00311EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2006/03/14 1:6 a.m.15 views

CVE-2006-1210

The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these...

7.5CVSS6.9AI score0.00846EPSS
Exploits0References3
Cvelist
Cvelistadded 2006/03/14 1:0 a.m.14 views

CVE-2006-1211

IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP address with the ns database account, which allows remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. NOTE: IBM has private...

6.5AI score0.00311EPSS
Exploits0References2
Cvelist
Cvelistadded 2006/03/14 1:0 a.m.13 views

CVE-2006-1210

The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these...

6.9AI score0.00846EPSS
Exploits0References3
CVE
CVEadded 2006/03/14 1:0 a.m.47 views

CVE-2006-1210

The CVE-2006-1210 issue affects IBM Tivoli Netcool/NeuSecure 3.0.236, where the web interface stores the MySQL username and password in cleartext within body.phtml, allowing remote attackers to gain privileges by reading the source. Root cause: credentials exposed in the web page source. Impact: ...

7.5CVSS6.9AI score0.00846EPSS
Exploits0References3Affected Software1
Prion
Prionadded 2006/02/22 2:2 a.m.12 views

Code injection

IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in the 1 CMSDBPASS, 2 CMSMDBPASS, and 3 RPTDBPASS fields in /etc/neusecure.conf, and in 4 /opt/NeuSecure/bin/nsarchiver.log, which allows local users to gain privileges. NOTE: IBM has privately confirmed to CVE that a fix i...

2.1CVSS6.9AI score0.00074EPSS
Exploits0References10Affected Software1
NVD
NVDadded 2006/02/22 2:2 a.m.9 views

CVE-2006-0837

IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 has world-readable permissions for 1 /etc/neusecure.conf, 2 /opt/NeuSecure/etc/cms-3.0.236.buildconf, and 3 /opt/NeuSecure/bin/nsarchiver.log, which allows local users to read sensitive information such as passwords. NOTE: IBM has privately confirmed...

2.1CVSS5.7AI score0.00056EPSS
Exploits0References10
Rows per page
Query Builder