CVE-2012-2284

high

Description

The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors.

References

http://www.securitytracker.com/id?1027647

http://www.securityfocus.com/bid/55883

http://secunia.com/advisories/50957

http://osvdb.org/86157

http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html

Details

Source: Mitre, NVD

Published: 2012-10-18

Updated: 2013-04-19

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High