2.1
CVE-2012-2299
- EPSS 0.52%
- Veröffentlicht 14.08.2012 22:55:02
- Zuletzt bearbeitet 16.06.2026 23:41:18
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal stores passwords for new customers in plaintext during checkout, which allows local users to obtain sensitive information by reading from the database.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.52% | 0.401 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
http://www.openwall.com/lists/oss-security/2012/05/03/1
http://www.openwall.com/lists/oss-security/2012/05/03/2
http://drupal.org/node/1547506
http://drupal.org/node/1547508
http://drupal.org/node/1547674
http://drupalcode.org/project/ubercart.git/commitdiff/035d2cb
http://drupalcode.org/project/ubercart.git/commitdiff/8c61e84
http://secunia.com/advisories/48935
http://www.securityfocus.com/bid/53251