- Description
- The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza, when SSL is not enabled, allows remote attackers to discover credentials by sniffing the network during the authentication process.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-287
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:netezza:6.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A06CF8D-EC1B-4AA1-AA1D-DB0CE1CC91BF"
},
{
"criteria": "cpe:2.3:h:ibm:netezza:6.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84B808D4-9613-4686-9982-95F663C8BEA9"
},
{
"criteria": "cpe:2.3:h:ibm:netezza:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5853E48B-3367-4C5D-B0F3-F039B20B372B"
}
],
"operator": "OR"
}
]
}
]