PT-2012-5518 · Emc · Emc Smarts Network Configuration Manager

Published

2012-11-27

Updated

2013-08-17

CVE-2012-4614

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions EMC Smarts Network Configuration Manager versions prior to 9.1

Description The default configuration of the software does not require authentication for database access, allowing remote attackers to have an unspecified impact via a network session.

Recommendations For versions prior to 9.1, update to version 9.1 or later to require authentication for database access.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2012-4614

Affected Products

Emc Smarts Network Configuration Manager

PT-2012-5518 · Emc · Emc Smarts Network Configuration Manager

CVE-2012-4614

Weakness Enumeration

Related Identifiers

Affected Products

References · 6