CVE-2012-4615

Sažetak

EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vectors.

Reference

http://archives.neohapsis.com/archives/bugtraq/2012-11/0095.html
http://osvdb.org/87878
http://packetstormsecurity.org/files/118358/EMC-Smarts-Network-Configuration-Manager-Bypass.html
http://secunia.com/advisories/51408
http://www.securityfocus.com/bid/56682
http://www.securitytracker.com/id?1027812

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

17-08-2013 - 06:49

Objavljeno

27-11-2012 - 21:55