CVE-2012-4614

EPSS 0.58%
Veröffentlicht 27.11.2012 21:55:00
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle security_alert@emc.com
Teams Watchlist Login
Unerledigt Login

The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Emc ≫ It Operations Intelligence Version <= 9.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.58%	0.662

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://archives.neohapsis.com/archives/bugtraq/2012-11/0095.html

http://osvdb.org/87877

http://secunia.com/advisories/51408

http://www.securityfocus.com/bid/56682

http://www.securitytracker.com/id?1027812

https://nvd.nist.gov/vuln/detail/CVE-2012-4614

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-4614

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-4614

EUVD