CVE-2012-5940

IBM Netezza - Authentication Bypass

Title source: rule

Description

The WebAdmin application 6.0.5, 6.0.8, and 7.0 before P2 in IBM Netezza, when SSL is not enabled, allows remote attackers to discover credentials by sniffing the network during the authentication process.

References (2)

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg21624568

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/80535

Scores

EPSS 0.0019

EPSS Percentile 40.2%

Classification

CWE

CWE-287

Status draft

Affected Products (3)

ibm/netezza

Timeline

Published Feb 20, 2013

Tracked Since Feb 18, 2026