CVE-2012-1827
published 2012-06-13CVE-2012-1827: The web service in AutoFORM PDM Archive before 7.1 does not have authorization requirements, which allows remote authenticated users to perform database…
PriorityP429medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EPSS
1.57%
72.3th percentile
The web service in AutoFORM PDM Archive before 7.1 does not have authorization requirements, which allows remote authenticated users to perform database operations via a SOAP request, as demonstrated by the initializeQueryDatabase2 request.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| efstechnology | autoform_pdm_archive | <= 7.0 | — |
| efstechnology | autoform_pdm_archive | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/49335http://www.kb.cert.org/vuls/id/773035http://www.kb.cert.org/vuls/id/MAPG-8RQL83http://www.securityfocus.com/bid/53716http://secunia.com/advisories/49335http://www.kb.cert.org/vuls/id/773035http://www.kb.cert.org/vuls/id/MAPG-8RQL83http://www.securityfocus.com/bid/53716
2012-06-13
Published