CVE-2012-4899
published 2012-10-10CVE-2012-4899: WellinTech KingView 6.5.3 and earlier uses a weak password-hashing algorithm, which makes it easier for local users to discover credentials by reading an…
PriorityP47low2.1CVSS 2.0
AVLACLAuNCPINAN
EPSS
0.32%
23.9th percentile
WellinTech KingView 6.5.3 and earlier uses a weak password-hashing algorithm, which makes it easier for local users to discover credentials by reading an unspecified file.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wellintech | kingview | <= 6.53 | — |
| wellintech | kingview | — | — |
| wellintech | kingview | — | — |
| wellintech | kingview | — | — |
| wellintech | kingview | — | — |
| wellintech | kingview | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
WellinTech KingView User Credentials Not Securely Hashed
cisa_ics·2012-07-30
WellinTech KingView User Credentials Not Securely Hashed
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
WellinTech KingView User Credentials Not Securely Hashed
Last RevisedSeptember 06, 2018
Alert CodeICSA-12-283-02
## Overview
This advisory is a follow-up to the alert titled ICS-ALERT-12-212-02 WellinTech KingView User Credentials Not Securely Hashed that was published July 30, 2012, on the ICS-CERT Web page.
Dr. Wesley McGrew of Mississippi State University has identified a default credential vulnerability in WellinTech KingView application. WellinTech has produced a patch that mitigates this vulnerability.
Exploits that target this vulnerability are known to be publicly avai
GHSA
GHSA-5hrp-445r-xv7x: WellinTech KingView 6
ghsa_unreviewed·2022-05-17
CVE-2012-4899 [LOW] GHSA-5hrp-445r-xv7x: WellinTech KingView 6
WellinTech KingView 6.5.3 and earlier uses a weak password-hashing algorithm, which makes it easier for local users to discover credentials by reading an unspecified file.
No detection rules found.
No writeups or analysis indexed.
2012-10-10
Published