CVE-2012-2173
Severity
5.0MEDIUM
EPSS
0.2%
top 54.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 20
Latest updateMay 17
Description
The ODBC driver in IBM Security AppScan Source 7.x and 8.x before 8.6 sends an SHA-1 hash of the connection password during connections to a solidDB database, which allows remote attackers to obtain sensitive information by sniffing the network.
CVSS vector
AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9