CVE-2012-1256 in EasyVistainfo

Summary

The single sign-on (SSO) implementation in EasyVista before 2010.1.1.89 allows remote attackers to bypass authentication via a modified url_account parameter, in conjunction with a valid login name in the SSPI_HEADER parameter, to index.php.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Responsible

Reservation

02/21/2012

Disclosure

02/22/2012

Moderation

VulDB entry created

Entries

VDB-60305

CPE

ready

CWE

CWE-287 (Confirmed)

CVSS

5.3

EPSS

0.00223

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-1256
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-1256
CVE Details	https://www.cvedetails.com/cve/CVE-2012-1256/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!