CVE-2012-3312

CWE-3103 documents3 sources
Severity
5.0MEDIUM
EPSS
0.3%
top 42.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Infosphere Guardium
Timeline
PublishedAug 29
Latest updateMay 17

Description

The datasource definition editor in IBM InfoSphere Guardium 8.2 and earlier, when the save-password setting is enabled, transmits cleartext database credentials, which allows remote attackers to obtain sensitive information by sniffing the network.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-975g-jv28-79r2: The datasource definition editor in IBM InfoSphere Guardium 82022-05-17
CVEList
CVE-2012-3312: The datasource definition editor in IBM InfoSphere Guardium 82012-08-29
CVE-2012-3312 (MEDIUM CVSS 5) | The datasource definition editor in | cvebase.io