CVE-2012-2531

Microsoft IIS 7.5 - Info Disclosure

Title source: llm
STIX 2.1

Description

Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log, which allows local users to discover credentials by reading this file, aka "Password Disclosure Vulnerability."

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/56439
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15959

Scores

EPSS 0.0094
EPSS Percentile 56.8%

Details

CWE
CWE-200
Status published
Published Nov 14, 2012
Tracked Since Feb 18, 2026