CVE-2012-2531
Published Nov 14, 2012
Last updated 4 years ago
Overview
- Description
- Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F282E5E8-A5C9-4092-B0BF-07A5A2CAA6F4"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D16A8D29-57BF-4B74-85F2-24DBD8B52BBF"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:itanium:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B2B19826-5516-4899-9599-F95D0A03FBCD"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:r2:x64:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4945F25F-2828-4D03-930B-A109BA73E00C"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]