Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1827

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2012-1827
Last Modified 28 Sep 2012 11:17:03
Published 13 Jun 2012 03:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-1827

Summary

The web service in AutoFORM PDM Archive before 7.1 does not have authorization requirements, which allows remote authenticated users to perform database operations via a SOAP request, as demonstrated by the initializeQueryDatabase2 request.

Vulnerable Systems

Application

  • Efstechnology Autoform Pdm Archive 6.920

  • Efstechnology Autoform Pdm Archive 7.0


References

CERT-VN - VU#773035

CONFIRM - http://www.kb.cert.org/vuls/id/MAPG-8RQL83

BID - 53716

SECUNIA - 49335


Last Updated: 27 May 2016 10:47:11