CVE-2012-2455

critical

Description

Advanced Productivity Software DTE Axiom before 12.3.3 does not validate the registration ID, which allows remote attackers to bypass authentication and read or modify data about users, customers, and projects via unspecified vectors.

References

http://www.osvdb.org/85499

http://secunia.com/advisories/50508

http://seclists.org/fulldisclosure/2012/Sep/62

Details

Source: Mitre, NVD

Published: 2012-11-10

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.0027

Detections

Analytics