Lucene search

PRIOn knowledge basePRION:CVE-2012-2299

HistoryAug 14, 2012 - 10:55 p.m.

Information disclosure

2012-08-1422:55:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal stores passwords for new customers in plaintext during checkout, which allows local users to obtain sensitive information by reading from the database.

CPENameOperatorVersion
ubercarteq6.x-2.0 beta4
ubercarteq6.x-2.0 beta3
ubercarteq6.x-2.0 beta2
ubercarteq6.x-2.0 beta1
ubercarteq6.120.20
ubercarteq6.x-2.0 dev
ubercarteq6.x-2.0 beta6
ubercarteq6.x-2.0 rc3
ubercarteq6.x-2.0 rc5
ubercarteq6.x-2.0 rc2

Name	Operator	Version
ubercart	eq	6.x-2.0 beta4
ubercart	eq	6.x-2.0 beta3
ubercart	eq	6.x-2.0 beta2
ubercart	eq	6.x-2.0 beta1
ubercart	eq	6.120.20
ubercart	eq	6.x-2.0 dev
ubercart	eq	6.x-2.0 beta6
ubercart	eq	6.x-2.0 rc3
ubercart	eq	6.x-2.0 rc5
ubercart	eq	6.x-2.0 rc2

Rows per page:

1-10 of 341

References

drupalcode.org/project/ubercart.git/commitdiff/035d2cb

drupalcode.org/project/ubercart.git/commitdiff/8c61e84

secunia.com/advisories/48935

www.openwall.com/lists/oss-security/2012/05/03/1

www.openwall.com/lists/oss-security/2012/05/03/2

www.securityfocus.com/bid/53251

drupal.org/node/1547506

drupal.org/node/1547508

drupal.org/node/1547674