CVE-2012-2299

The Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal stores passwords for new customers in plaintext during checkout, which allows local users to obtain sensitive information by reading from the database.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
VendorProductVersion
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.0:x
ubercartubercart
6.x-2.1:x
ubercartubercart
6.x-2.2:x
ubercartubercart
6.x-2.3:x
ubercartubercart
6.x-2.4:x
ubercartubercart
6.x-2.6:x
ubercartubercart
6.x-2.7:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
ubercartubercart
7.x-3.0:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/1547506
http://drupal.org/node/1547508
http://drupal.org/node/1547674
http://drupalcode.org/project/ubercart.git/commitdiff/035d2cb
http://drupalcode.org/project/ubercart.git/commitdiff/8c61e84
http://secunia.com/advisories/48935
http://www.openwall.com/lists/oss-security/2012/05/03/1
http://www.openwall.com/lists/oss-security/2012/05/03/2
http://www.securityfocus.com/bid/53251
http://drupal.org/node/1547506
http://drupal.org/node/1547508
http://drupal.org/node/1547674
http://drupalcode.org/project/ubercart.git/commitdiff/035d2cb
http://drupalcode.org/project/ubercart.git/commitdiff/8c61e84
http://secunia.com/advisories/48935
http://www.openwall.com/lists/oss-security/2012/05/03/1
http://www.openwall.com/lists/oss-security/2012/05/03/2
http://www.securityfocus.com/bid/53251