CVE-2012-3798

The Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when creating a local user account, allows attackers to obtain part of the initial input used to generate passwords, which makes it easier to conduct brute force password guessing attacks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
bryce_hamrickjanrain_capture
6.x-1.0:x
bryce_hamrickjanrain_capture
7.x-1.0:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/1632702
http://drupal.org/node/1632704
http://drupal.org/node/1632734
http://osvdb.org/82957
http://drupal.org/node/1632702
http://drupal.org/node/1632704
http://drupal.org/node/1632734
http://osvdb.org/82957