CVE-2012-0435

3 documents3 sources
Severity
5.8MEDIUM
EPSS
0.7%
top 28.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Suse Webyast
Timeline
PublishedJan 26
Latest updateMay 4

Description

SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

NVDsuse/webyast1.2

🔴Vulnerability Details

2
GHSA
GHSA-p4g6-r5h7-2fc4: SUSE WebYaST before 12022-05-04
CVEList
CVE-2012-0435: SUSE WebYaST before 12013-01-26
CVE-2012-0435 (MEDIUM CVSS 5.8) | SUSE WebYaST before 1.2 0.2.63-0.6. | cvebase.io