CVE-2012-5940

Published: Feb 20, 2013Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza, when SSL is not enabled, allows remote attackers to discover credentials by sniffing the network during the authentication process.

Affected (3)

Products: Ibm: Netezza

Ibm

1 product

Netezza

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ibm Netezza	Version 6.0.5
Ibm Netezza	Version 6.0.8
Ibm Netezza	Version 7.0

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg21624568

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/80535

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21624568

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/80535

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.