Lucene search
IbmCVE-2012-4829HistoryApr 16, 2013 - 2:04 p.m.
CVE-2012-4829
2013-04-1614:04:30
CWE-310
ibm
web.nvd.nist.gov
25
ibm
xiv
storage
system
gen3
authentication
vulnerability
x.509
certificate
trust
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
27.2%
IBM XIV Storage System Gen3 before 11.2 relies on a default X.509 v3 certificate for authentication, which allows man-in-the-middle attackers to spoof servers by leveraging an inappropriate certificate-trust relationship.
Affected configurations
Node
ibmxiv_storage_system_gen3Range≤11.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | xiv_storage_system_gen3 | * | cpe:2.3:h:ibm:xiv_storage_system_gen3:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2012-4829
2013-04-16 14:04:30
prion
prion
Default credentials
2013-04-16 14:04:00
cvelist
cvelist
CVE-2012-4829
2013-04-16 10:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
27.2%
Related for CVE-2012-4829