CVSS: 9.3EPSS: 1%CPEs: 1EXPL: 0CVE-2012-4614
https://notcve.org/view.php?id=CVE-2012-4614
The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session. La configuración por defecto de EMC Smarts Network Configuration Manager (NCM) antes de v9.1 no requiere de autenticación para el acceso a la base de datos, lo que permite a atacantes remotos tener un impacto no especificado a través de una sesión de red. • http://archives.neohapsis.com/archives/bugtraq/2012-11/0095.html http://osvdb.org/87877 http://secunia.com/advisories/51408 http://www.securityfocus.com/bid/56682 http://www.securitytracker.com/id?1027812 • CWE-287: Improper Authentication •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-4615
https://notcve.org/view.php?id=CVE-2012-4615
EMC Smarts Network Configuration Manager (NCM) before 9.1 uses a hardcoded encryption key for the storage of credentials, which allows local users to obtain sensitive information via unspecified vectors. EMC Smarts Network Configuration Manager (NCM) antes de v9.1 tiene codificada la clave de cifrado para el almacenamiento de credenciales, lo que permite a usuarios remotos obtener información sensible a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2012-11/0095.html http://osvdb.org/87878 http://packetstormsecurity.org/files/118358/EMC-Smarts-Network-Configuration-Manager-Bypass.html http://secunia.com/advisories/51408 http://www.securityfocus.com/bid/56682 http://www.securitytracker.com/id?1027812 • CWE-310: Cryptographic Issues •