CVE-2012-2368 - Vulnerability Details - OpenCVE

Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Bytemark	Symbiosis

Configuration 1 [-]

cpe:2.3:a:bytemark:symbiosis:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://secunia.com/advisories/48993
http://www.openwall.com/lists/oss-security/2012/05/14/1
http://www.openwall.com/lists/oss-security/2012/05/14/3
https://projects.bytemark.co.uk/projects/symbiosis/repository/diff?rev=1327&rev_to=1322

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-08-13T20:00:00Z

Updated: 2024-09-16T22:50:57.608Z

Reserved: 2012-04-19T00:00:00Z

Link: CVE-2012-2368

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-08-13T20:55:02.037

Modified: 2024-11-21T01:38:57.773

Link: CVE-2012-2368

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-08-13T20:00:00Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[oss-security] 20120514 Re: CVE request: Bytemark Symbiosis", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/05/14/3"}, {"name": "[oss-security] 20120514 CVE request: Bytemark Symbiosis", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/05/14/1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://projects.bytemark.co.uk/projects/symbiosis/repository/diff?rev=1327&rev_to=1322"}, {"name": "48993", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48993"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-2368", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20120514 Re: CVE request: Bytemark Symbiosis", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/05/14/3"}, {"name": "[oss-security] 20120514 CVE request: Bytemark Symbiosis", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/05/14/1"}, {"name": "https://projects.bytemark.co.uk/projects/symbiosis/repository/diff?rev=1327&rev_to=1322", "refsource": "CONFIRM", "url": "https://projects.bytemark.co.uk/projects/symbiosis/repository/diff?rev=1327&rev_to=1322"}, {"name": "48993", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/48993"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:34:24.305Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20120514 Re: CVE request: Bytemark Symbiosis", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/05/14/3"}, {"name": "[oss-security] 20120514 CVE request: Bytemark Symbiosis", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/05/14/1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://projects.bytemark.co.uk/projects/symbiosis/repository/diff?rev=1327&rev_to=1322"}, {"name": "48993", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/48993"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-2368", "datePublished": "2012-08-13T20:00:00Z", "dateReserved": "2012-04-19T00:00:00Z", "dateUpdated": "2024-09-16T22:50:57.608Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bytemark:symbiosis:*:*:*:*:*:*:*:*", "matchCriteriaId": "09B98A13-2EE1-4377-9957-FADB12A74AA2", "versionEndIncluding": "1321", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password."}, {"lang": "es", "value": "Bytemark Simbiosis antes de la revisi\u00f3n 1322 no valida correctamente las contrase\u00f1as, lo que permite acceder a atacantes remotos a cuentas de correo electr\u00f3nico a trav\u00e9s de una contrase\u00f1a arbitraria."}], "id": "CVE-2012-2368", "lastModified": "2024-11-21T01:38:57.773", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-13T20:55:02.037", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/48993"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/05/14/1"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/05/14/3"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Patch"], "url": "https://projects.bytemark.co.uk/projects/symbiosis/repository/diff?rev=1327&rev_to=1322"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/48993"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/05/14/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/05/14/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://projects.bytemark.co.uk/projects/symbiosis/repository/diff?rev=1327&rev_to=1322"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}