Vulnerability Description
Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Common Services | 1.0 |
| Broadcom | Unicenter Network And Systems Management | 3.0 |
| Broadcom | Unicenter Serviceplus Service Desk | 6.0 |
References
- http://osvdb.org/displayvuln.php?osvdb_id=10408
- http://secunia.com/advisories/12639/Vendor Advisory
- http://securitytracker.com/id?1011468
- http://www.securityfocus.com/bid/11277Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17562
- http://osvdb.org/displayvuln.php?osvdb_id=10408
- http://secunia.com/advisories/12639/Vendor Advisory
- http://securitytracker.com/id?1011468
- http://www.securityfocus.com/bid/11277Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17562
FAQ
What is CVE-2004-2436?
CVE-2004-2436 is a vulnerability with a CVSS score of 2.1 (LOW). Computer Associates Unicenter Common Services 3.0 and earlier stores the database "SA" password in cleartext in the TndAddNspTmp.bat file, which could allow local users to gain privileges.
How severe is CVE-2004-2436?
CVE-2004-2436 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2436?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Common Services, Broadcom Unicenter Network And Systems Management, Broadcom Unicenter Serviceplus Service Desk.