CVE-2012-2455

EUVD-2012-2441
Advanced Productivity Software DTE Axiom before 12.3.3 does not validate the registration ID, which allows remote attackers to bypass authentication and read or modify data about users, customers, and projects via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
Affected Products (NVD)
VendorProductVersion
advance_productivity_softwaredte_axiom
𝑥
≤ 12.3.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2012/Sep/62
http://secunia.com/advisories/50508
http://www.osvdb.org/85499
http://seclists.org/fulldisclosure/2012/Sep/62
http://secunia.com/advisories/50508
http://www.osvdb.org/85499