CVE-2012-3018
Published Jul 31, 2012
Last updated 12 years ago
Overview
- Description
- The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain administrative access by predicting a challenge response.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.4
- Impact score
- 6.4
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-310
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:iconics:genesis32:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5648CCCB-E3B4-4649-BF80-0CBBFF8D25ED",
"versionEndIncluding": "9.22"
},
{
"criteria": "cpe:2.3:a:iconics:genesis32:8.05:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DFC8F6B-B298-49A3-BBD8-CDA74785AC0A"
},
{
"criteria": "cpe:2.3:a:iconics:genesis32:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E01069E-E059-446B-A0C5-89C37C902D3D"
},
{
"criteria": "cpe:2.3:a:iconics:genesis32:9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "02BE61E1-12E1-46B3-B725-9A73EAD272B0"
},
{
"criteria": "cpe:2.3:a:iconics:genesis32:9.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7784C58-C8CF-4631-8171-67D95595FF79"
},
{
"criteria": "cpe:2.3:a:iconics:genesis32:9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F303667-A48E-40D2-9C38-C9C2813020AF"
},
{
"criteria": "cpe:2.3:a:iconics:genesis32:9.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86628D9D-4270-4571-A57A-17962BC2027D"
},
{
"criteria": "cpe:2.3:a:iconics:genesis32:9.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2EFFA7EA-6775-44B8-88ED-D1B6E4AE259A"
},
{
"criteria": "cpe:2.3:a:iconics:genesis32:9.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CDD1388-8FBF-4B3E-854E-B68D3EB6569B"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:iconics:bizviz:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09717E94-3D2C-48E9-A267-4E75D2F343AD",
"versionEndIncluding": "9.22"
},
{
"criteria": "cpe:2.3:a:iconics:bizviz:8.05:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BEF3187-A001-4604-A292-6192678B2AB4"
},
{
"criteria": "cpe:2.3:a:iconics:bizviz:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2854F716-ED09-46E8-AF9C-030EADDDB29F"
},
{
"criteria": "cpe:2.3:a:iconics:bizviz:9.01:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3214375-3D3A-47F9-BE1F-D92102A8C8F9"
},
{
"criteria": "cpe:2.3:a:iconics:bizviz:9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0585FE5D-0FA5-4E13-AA5E-B5714564A14C"
},
{
"criteria": "cpe:2.3:a:iconics:bizviz:9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3E4B6521-EE6D-49FB-B771-830B34613007"
},
{
"criteria": "cpe:2.3:a:iconics:bizviz:9.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22060866-9121-480B-913A-41616CD94A27"
},
{
"criteria": "cpe:2.3:a:iconics:bizviz:9.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "278C55AD-294C-4D39-8E50-0726CA523A34"
},
{
"criteria": "cpe:2.3:a:iconics:bizviz:9.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B4F2D10-A4DD-4C7C-A5A8-BEDC23A413C2"
}
],
"operator": "OR"
}
]
}
]