Remote Credential Exposure in IBM Netezza WebAdmin Application
CVE-2012-5940

Currently unrated

Key Information:

Vendor: IBM
Status: Netezza
Vendor: CVE Published:; 20 February 2013

Summary

The IBM Netezza WebAdmin application versions 6.0.5, 6.0.8, and 7.0 prior to P2 are susceptible to a vulnerability that allows remote attackers to obtain user credentials. This occurs when Secure Sockets Layer (SSL) is not enabled, enabling attackers to sniff the network traffic during the authentication process, which poses a significant risk to data security and user integrity.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21624568

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/80535

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 20, 2013
Vulnerability Reserved
Nov 21, 2012