CVE-2012-0430

2012-12-2512:13:04

[email protected]

web.nvd.nist.gov

cve-2012-0430

netiq

edirectory

windows

vulnerability

remote attackers

administrator cookie

authorization checks

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.9%

JSON

Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors.

Affected configurations

NVD

Node

microfocusedirectoryMatch8.8.6.0-windows

microfocusedirectoryMatch8.8.6.1-windows

microfocusedirectoryMatch8.8.6.2-windows

microfocusedirectoryMatch8.8.6.3-windows

microfocusedirectoryMatch8.8.6.4-windows

microfocusedirectoryMatch8.8.6.5-windows

microfocusedirectoryMatch8.8.6.6-windows

Node

microfocusedirectoryMatch8.8.7.0-windows

microfocusedirectoryMatch8.8.7.1-windows

CPENameOperatorVersion
microfocus:edirectorymicrofocus edirectoryeq8.8.6.0
microfocus:edirectorymicrofocus edirectoryeq8.8.6.1
microfocus:edirectorymicrofocus edirectoryeq8.8.6.2
microfocus:edirectorymicrofocus edirectoryeq8.8.6.3
microfocus:edirectorymicrofocus edirectoryeq8.8.6.4
microfocus:edirectorymicrofocus edirectoryeq8.8.6.5
microfocus:edirectorymicrofocus edirectoryeq8.8.6.6

CPE	Name	Operator	Version
microfocus:edirectory	microfocus edirectory	eq	8.8.6.0
microfocus:edirectory	microfocus edirectory	eq	8.8.6.1
microfocus:edirectory	microfocus edirectory	eq	8.8.6.2
microfocus:edirectory	microfocus edirectory	eq	8.8.6.3
microfocus:edirectory	microfocus edirectory	eq	8.8.6.4
microfocus:edirectory	microfocus edirectory	eq	8.8.6.5
microfocus:edirectory	microfocus edirectory	eq	8.8.6.6