CVE-2012-2299

EUVD-2012-2292
The Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal stores passwords for new customers in plaintext during checkout, which allows local users to obtain sensitive information by reading from the database.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Affected Products (NVD)
VendorProductVersion
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.1:x
ubercartubercart
6.x-2.2:x
ubercartubercart
6.x-2.3:x
ubercartubercart
6.x-2.4:x
ubercartubercart
6.x-2.6:x
ubercartubercart
6.x-2.7:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/1547506
http://drupal.org/node/1547508
http://drupal.org/node/1547674
http://drupalcode.org/project/ubercart.git/commitdiff/035d2cb
http://drupalcode.org/project/ubercart.git/commitdiff/8c61e84
http://secunia.com/advisories/48935
http://www.openwall.com/lists/oss-security/2012/05/03/1
http://www.openwall.com/lists/oss-security/2012/05/03/2
http://www.securityfocus.com/bid/53251
http://drupal.org/node/1547506
http://drupal.org/node/1547508
http://drupal.org/node/1547674
http://drupalcode.org/project/ubercart.git/commitdiff/035d2cb
http://drupalcode.org/project/ubercart.git/commitdiff/8c61e84
http://secunia.com/advisories/48935
http://www.openwall.com/lists/oss-security/2012/05/03/1
http://www.openwall.com/lists/oss-security/2012/05/03/2
http://www.securityfocus.com/bid/53251