Vulnerability Description
W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Boldgrid | W3 Total Cache | < 0.9.2.5 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2012/12/30/3Mailing ListThird Party Advisory
- https://security-tracker.debian.org/tracker/CVE-2012-6079Third Party Advisory
- https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-preThird Party Advisory
- https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/Release NotesVendor Advisory
- http://www.openwall.com/lists/oss-security/2012/12/30/3Mailing ListThird Party Advisory
- https://security-tracker.debian.org/tracker/CVE-2012-6079Third Party Advisory
- https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-preThird Party Advisory
- https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/Release NotesVendor Advisory
FAQ
What is CVE-2012-6079?
CVE-2012-6079 is a vulnerability with a CVSS score of 7.5 (HIGH). W3 Total Cache before 0.9.2.5 exposes sensitive cached database information which allows remote attackers to download this information via their hash keys.
How severe is CVE-2012-6079?
CVE-2012-6079 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-6079?
Check the references section above for vendor advisories and patch information. Affected products include: Boldgrid W3 Total Cache.