Vulnerability Description
Agile FleetCommander and FleetCommander Kiosk before 4.08 store database credentials in cleartext, which allows remote attackers to obtain sensitive information via requests to unspecified pages.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Agilefleet | Fleetcommander | <= 4.0 |
| Agilefleet | Fleetcommander Kiosk | <= 4.0 |
Related Weaknesses (CWE)
References
- http://www.kb.cert.org/vuls/id/427547US Government Resource
- http://www.securityfocus.com/bid/56427
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79858
- http://www.kb.cert.org/vuls/id/427547US Government Resource
- http://www.securityfocus.com/bid/56427
- https://exchange.xforce.ibmcloud.com/vulnerabilities/79858
FAQ
What is CVE-2012-4947?
CVE-2012-4947 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Agile FleetCommander and FleetCommander Kiosk before 4.08 store database credentials in cleartext, which allows remote attackers to obtain sensitive information via requests to unspecified pages.
How severe is CVE-2012-4947?
CVE-2012-4947 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-4947?
Check the references section above for vendor advisories and patch information. Affected products include: Agilefleet Fleetcommander, Agilefleet Fleetcommander Kiosk.