5
CVE-2012-2173
- EPSS 1.17%
- Veröffentlicht 20.06.2012 10:27:28
- Zuletzt bearbeitet 16.06.2026 23:41:07
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
The ODBC driver in IBM Security AppScan Source 7.x and 8.x before 8.6 sends an SHA-1 hash of the connection password during connections to a solidDB database, which allows remote attackers to obtain sensitive information by sniffing the network.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Security Appscan Source Version7.0
Ibm ≫ Security Appscan Source Version8.0
Ibm ≫ Security Appscan Source Version8.0.0.1
Ibm ≫ Security Appscan Source Version8.0.0.2
Ibm ≫ Security Appscan Source Version8.5
Ibm ≫ Security Appscan Source Version8.5.0.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.17% | 0.634 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://www.ibm.com/support/docview.wss?uid=swg21598423
https://exchange.xforce.ibmcloud.com/vulnerabilities/75242