CVE-2012-3821

Опубликовано: 10 янв. 2020

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

A Security Bypass vulnerability exists in the activate.asp page in Arial Software Campaign Enterprise 11.0.551, which could let a remote malicious user modify the SerialNumber field.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2012-10/0103.html
Broken Link
http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html
Exploit
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/79508
Third Party Advisory
VDB Entry
https://www.securityfocus.com/archive/1/524462
Exploit
Third Party Advisory
VDB Entry
https://www.securityfocus.com/bid/56117/info
Third Party Advisory
VDB Entry
http://archives.neohapsis.com/archives/bugtraq/2012-10/0103.html
Broken Link
http://sadgeeksinsnow.blogspot.dk/2012/10/my-first-experiences-bug-hunting-part-2.html
Exploit
Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/79508
Third Party Advisory
VDB Entry
https://www.securityfocus.com/archive/1/524462
Exploit
Third Party Advisory
VDB Entry
https://www.securityfocus.com/bid/56117/info
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:arialsoftware:campaign_enterprise:*:*:*:*:*:*:*:*

Версия до 11.0.551 (включая)

EPSS

Процентиль: 59%

0.0039

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-863

Связанные уязвимости

GHSA-q9x9-3h5c-87j4

github

почти 4 года назад