CVE-2012-1123

MantisBT <1.2.9 - Auth Bypass

Title source: llm

Description

The mci_check_login function in api/soap/mc_api.php in the SOAP API in MantisBT before 1.2.9 allows remote attackers to bypass authentication via a null password.

References (13)

Scores

EPSS 0.0136
EPSS Percentile 79.9%

Classification

CWE
CWE-287
Status draft

Affected Products (50)

mantisbt/mantisbt < 1.2.8
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
mantisbt/mantisbt
... and 35 more

Timeline

Published Jun 29, 2012
Tracked Since Feb 18, 2026