| ID |
CVE-2012-2284
|
| Summary |
The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:emc:networker_module_for_microsoft_applications:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:emc:networker_module_for_microsoft_applications:2.2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:emc:networker_module_for_microsoft_applications:2.3:*:*:*:*:*:*:*
cpe:2.3:a:emc:networker_module_for_microsoft_applications:2.3:*:*:*:*:*:*:*
-
cpe:2.3:a:emc:networker_module_for_microsoft_applications:2.4:*:*:*:*:*:*:*
cpe:2.3:a:emc:networker_module_for_microsoft_applications:2.4:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:exchange_server:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:exchange_server:*:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 2.1 (as of 19-04-2013 - 03:21) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-255 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
NONE |
NONE |
|
| cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
| refmap
via4
|
| bid | 55883 | | bugtraq | 20121010 ESA-2012-025: EMC NetWorker Module for Microsoft Applications (NMM) Multiple Vulnerabilities | | osvdb | 86157 | | sectrack | 1027647 | | secunia | 50957 |
|
| Last major update |
19-04-2013 - 03:21 |
| Published |
18-10-2012 - 17:55 |
| Last modified |
19-04-2013 - 03:21 |
