Vulnerability Description
The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Emc | Networker Module For Microsoft Applications | 2.2.1 |
| Microsoft | Exchange Server | All versions |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html
- http://osvdb.org/86157
- http://secunia.com/advisories/50957
- http://www.securityfocus.com/bid/55883
- http://www.securitytracker.com/id?1027647
- http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html
- http://osvdb.org/86157
- http://secunia.com/advisories/50957
- http://www.securityfocus.com/bid/55883
- http://www.securitytracker.com/id?1027647
FAQ
What is CVE-2012-2284?
CVE-2012-2284 is a vulnerability with a CVSS score of 2.1 (LOW). The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local user...
How severe is CVE-2012-2284?
CVE-2012-2284 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2284?
Check the references section above for vendor advisories and patch information. Affected products include: Emc Networker Module For Microsoft Applications, Microsoft Exchange Server.