Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-2678
HistoryJul 03, 2012 - 4:40 p.m.

CVE-2012-2678

2012-07-0316:40:33
CWE-310
[email protected]
web.nvd.nist.gov
34
4
cve-2012-2678
389 directory server
red hat directory server
ldap
remote attack
plaintext password
nvd

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.1%

JSON

389 Directory Server before 1.2.11.6 (aka Red Hat Directory Server before 8.2.10-3), after the password for a LDAP user has been changed and before the server has been reset, allows remote attackers to read the plaintext password via the unhashed#user#password attribute.

Affected configurations

NVD
Node
redhatdirectory_serverRange8.2
OR
redhatdirectory_serverMatch7.1
OR
redhatdirectory_serverMatch8.0
OR
redhatdirectory_serverMatch8.1
Node
fedoraproject389_directory_serverRange1.2.11.5
OR
fedoraproject389_directory_serverMatch1.2.1
OR
fedoraproject389_directory_serverMatch1.2.2
OR
fedoraproject389_directory_serverMatch1.2.3
OR
fedoraproject389_directory_serverMatch1.2.5
OR
fedoraproject389_directory_serverMatch1.2.5rc1
OR
fedoraproject389_directory_serverMatch1.2.5rc2
OR
fedoraproject389_directory_serverMatch1.2.5rc3
OR
fedoraproject389_directory_serverMatch1.2.5rc4
OR
fedoraproject389_directory_serverMatch1.2.6
OR
fedoraproject389_directory_serverMatch1.2.6a2
OR
fedoraproject389_directory_serverMatch1.2.6a3
OR
fedoraproject389_directory_serverMatch1.2.6a4
OR
fedoraproject389_directory_serverMatch1.2.6rc1
OR
fedoraproject389_directory_serverMatch1.2.6rc2
OR
fedoraproject389_directory_serverMatch1.2.6rc3
OR
fedoraproject389_directory_serverMatch1.2.6rc6
OR
fedoraproject389_directory_serverMatch1.2.6rc7
OR
fedoraproject389_directory_serverMatch1.2.6.1
OR
fedoraproject389_directory_serverMatch1.2.7alpha3
OR
fedoraproject389_directory_serverMatch1.2.7.5
OR
fedoraproject389_directory_serverMatch1.2.8alpha1
OR
fedoraproject389_directory_serverMatch1.2.8alpha2
OR
fedoraproject389_directory_serverMatch1.2.8alpha3
OR
fedoraproject389_directory_serverMatch1.2.8rc1
OR
fedoraproject389_directory_serverMatch1.2.8rc2
OR
fedoraproject389_directory_serverMatch1.2.8.1
OR
fedoraproject389_directory_serverMatch1.2.8.2
OR
fedoraproject389_directory_serverMatch1.2.8.3
OR
fedoraproject389_directory_serverMatch1.2.9.9
OR
fedoraproject389_directory_serverMatch1.2.10alpha8
OR
fedoraproject389_directory_serverMatch1.2.10rc1
OR
fedoraproject389_directory_serverMatch1.2.10.1
OR
fedoraproject389_directory_serverMatch1.2.10.2
OR
fedoraproject389_directory_serverMatch1.2.10.3
OR
fedoraproject389_directory_serverMatch1.2.10.4
OR
fedoraproject389_directory_serverMatch1.2.10.7
OR
fedoraproject389_directory_serverMatch1.2.11.1

Social References

More

Related

nvd 1
debiancve 1
prion 1
veracode 2
cvelist 1
ubuntucve 1
nessus 5
oraclelinux 1
openvas 5
securityvulns 2
centos 1
redhat 2
nvd
nvd
CVE-2012-2678
2012-07-03 16:40:33
debiancve
debiancve
CVE-2012-2678
2012-07-03 16:40:33
prion
prion
Design/Logic Flaw
2012-07-03 16:40:00
veracode
veracode
Information Disclosure
2019-01-15 08:52:57
Information Disclosure
2019-05-02 04:42:02
cvelist
cvelist
CVE-2012-2678
2012-07-03 16:00:00
ubuntucve
ubuntucve
CVE-2012-2678
2012-07-03 00:00:00
nessus
nessus
Oracle Linux 6 : 389-ds-base (ELSA-2012-0997)
2013-07-12 00:00:00
CentOS 6 : 389-ds-base (CESA-2012:0997)
2012-07-11 00:00:00
RHEL 6 : 389-ds-base (RHSA-2012:0997)
2012-06-21 00:00:00
oraclelinux
oraclelinux
389-ds-base security update
2012-06-29 00:00:00
openvas
openvas
RedHat Update for 389-ds-base RHSA-2012:0997-01
2012-06-22 00:00:00
RedHat Update for 389-ds-base RHSA-2012:0997-01
2012-06-22 00:00:00
Oracle: Security Advisory (ELSA-2012-0997)
2015-10-06 00:00:00
securityvulns
securityvulns
[security bulletin] HPSBUX02881 SSRT101189 rev.1 - HP-UX Directory Server, Remote Disclosure of Information
2013-05-27 00:00:00
HP-UX Directory Server informaton leakage
2013-05-27 00:00:00
centos
centos
389 security update
2012-07-10 17:32:43
redhat
redhat
(RHSA-2012:1041) Moderate: redhat-ds-base security update
2012-06-26 00:00:00
(RHSA-2012:0997) Moderate: 389-ds-base security update
2012-06-20 00:00:00

1.2 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.1%

JSON
Related for CVE-2012-2678
nvd1debiancve1prion1veracode2cvelist1ubuntucve1nessus5oraclelinux1openvas5securityvulns2centos1redhat2