Lucene search
K
MicromuseNetcool Neusecure

4 matches found

CVE
CVE
added 2006/03/14 1:0 a.m.51 views

CVE-2006-1210

The CVE-2006-1210 issue affects IBM Tivoli Netcool/NeuSecure 3.0.236, where the web interface stores the MySQL username and password in cleartext within body.phtml, allowing remote attackers to gain privileges by reading the source. Root cause: credentials exposed in the web page source. Impact: ...

7.5CVSS6.9AI score0.01536EPSS
CVE
CVE
added 2006/03/14 1:0 a.m.50 views

CVE-2006-1211

IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 is vulnerable: it configures a MySQL database to allow connections from any source IP address using the ns account, enabling remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. The note indica...

7.5CVSS6.5AI score0.01402EPSS
CVE
CVE
added 2006/02/22 2:0 a.m.45 views

CVE-2006-0838

IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 stores cleartext passwords in /etc/neusecure.conf (CMS_DBPASS, CMSM_DBPASS, RPT_DBPASS) and in /opt/NeuSecure/bin/ns_archiver.log, enabling local users to gain privileges. The issue is a configuration/password storage vulnerability affecting local pr...

2.1CVSS6.4AI score0.00373EPSS
Web
CVE
CVE
added 2006/02/22 2:0 a.m.43 views

CVE-2006-0837

Affected product: IBM Tivoli Netcool/NeuSecure 3.0.236. Issue: world-readable permissions on (1) /etc/neusecure.conf, (2) /opt/NeuSecure/etc/cms-3.0.236.buildconf, and (3) /opt/NeuSecure/bin/ns_archiver.log, enabling local users to read sensitive information such as passwords. Impact: local infor...

2.1CVSS5.7AI score0.00373EPSS