ByteOS Network

Vulnerability Details :

CVE-2012-4947

Assigner-certcc

Assigner Org ID-37e5125f-f79b-445b-8fad-9564f167944b

Published At-18 Nov, 2012 | 21:00

Updated At-06 Aug, 2024 | 20:50

Agile FleetCommander and FleetCommander Kiosk before 4.08 store database credentials in cleartext, which allows remote attackers to obtain sensitive information via requests to unspecified pages.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:certcc

Assigner Org ID:37e5125f-f79b-445b-8fad-9564f167944b

Published At:18 Nov, 2012 | 21:00

Updated At:06 Aug, 2024 | 20:50

▼CVE Numbering Authority (CNA)

Agile FleetCommander and FleetCommander Kiosk before 4.08 store database credentials in cleartext, which allows remote attackers to obtain sensitive information via requests to unspecified pages.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/79858	vdb-entry x_refsource_XF
http://www.kb.cert.org/vuls/id/427547	third-party-advisory x_refsource_CERT-VN
http://www.securityfocus.com/bid/56427	vdb-entry x_refsource_BID

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/79858

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://www.kb.cert.org/vuls/id/427547

Resource:

third-party-advisory

x_refsource_CERT-VN

Hyperlink: http://www.securityfocus.com/bid/56427

Resource:

vdb-entry

x_refsource_BID

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/79858	vdb-entry x_refsource_XF x_transferred
http://www.kb.cert.org/vuls/id/427547	third-party-advisory x_refsource_CERT-VN x_transferred
http://www.securityfocus.com/bid/56427	vdb-entry x_refsource_BID x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/79858

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://www.kb.cert.org/vuls/id/427547

Resource:

third-party-advisory

x_refsource_CERT-VN

x_transferred

Hyperlink: http://www.securityfocus.com/bid/56427

Resource:

vdb-entry

x_refsource_BID

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cret@cert.org

Published At:18 Nov, 2012 | 21:55

Updated At:11 Apr, 2025 | 00:51

Agile FleetCommander and FleetCommander Kiosk before 4.08 store database credentials in cleartext, which allows remote attackers to obtain sensitive information via requests to unspecified pages.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N

Type: Primary

Version: 2.0

Base score: 5.0

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:N/C:P/I:N/A:N

CPE Matches

agilefleet>>fleetcommander>>Versions up to 4.0(inclusive)

cpe:2.3:a:agilefleet:fleetcommander:*:*:*:*:*:*:*:*

agilefleet>>fleetcommander_kiosk>>Versions up to 4.0(inclusive)

cpe:2.3:a:agilefleet:fleetcommander_kiosk:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-310	Primary	nvd@nist.gov

CWE ID: CWE-310

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.kb.cert.org/vuls/id/427547	cret@cert.org	US Government Resource
http://www.securityfocus.com/bid/56427	cret@cert.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/79858	cret@cert.org	N/A
http://www.kb.cert.org/vuls/id/427547	af854a3a-2127-422b-91ae-364da2661108	US Government Resource
http://www.securityfocus.com/bid/56427	af854a3a-2127-422b-91ae-364da2661108	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/79858	af854a3a-2127-422b-91ae-364da2661108	N/A

Hyperlink: http://www.kb.cert.org/vuls/id/427547

Source: cret@cert.org

Resource:

US Government Resource

Hyperlink: http://www.securityfocus.com/bid/56427

Source: cret@cert.org

Resource: N/A

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/79858

Source: cret@cert.org

Resource: N/A

Hyperlink: http://www.kb.cert.org/vuls/id/427547

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

US Government Resource

Hyperlink: http://www.securityfocus.com/bid/56427

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/79858

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Similar CVEs

1Records found

CVE-2012-4946

Matching Score-8

Assigner-CERT/CC

View Details

Matching Score-8

Assigner-CERT/CC

CVSS Score-5||MEDIUM

EPSS-0.72% / 71.50%

7 Day CHG~0.00%

Published-18 Nov, 2012 | 21:00

Updated-11 Apr, 2025 | 00:51

Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR format for password encryption, which makes it easier for context-dependent attackers to obtain sensitive information by reading a key file and the encrypted strings.

Vendor-agilefleet n/a

Product-fleetcommander fleetcommander_kiosk n/a

CVE-2012-4947

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs