CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-1576

The myuser_delete function in libathemecore/account.c in Atheme 5.x before 5.2.7, 6.x before 6.0.10, and 7.x before 7.0.0-beta2 does not properly clean up CertFP entries when a user is deleted, which allows remote attackers to access a different user account or cause a denial of service (daemon crash) via a login as a deleted user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.3%

CVSS Severity

CVSS v2 Score 6.0

References

Products affected by CVE-2012-1576

Atheme » Atheme » Version: 5.2.0

cpe:2.3:a:atheme:atheme:5.2.0
Atheme » Atheme » Version: 5.2.1

cpe:2.3:a:atheme:atheme:5.2.1
Atheme » Atheme » Version: 5.2.2

cpe:2.3:a:atheme:atheme:5.2.2
Atheme » Atheme » Version: 5.2.3

cpe:2.3:a:atheme:atheme:5.2.3
Atheme » Atheme » Version: 5.2.4

cpe:2.3:a:atheme:atheme:5.2.4
Atheme » Atheme » Version: 5.2.5

cpe:2.3:a:atheme:atheme:5.2.5
Atheme » Atheme » Version: 5.2.6

cpe:2.3:a:atheme:atheme:5.2.6
Atheme » Atheme » Version: 5.2.7

cpe:2.3:a:atheme:atheme:5.2.7
Atheme » Atheme » Version: 6.0.0

cpe:2.3:a:atheme:atheme:6.0.0
Atheme » Atheme » Version: 6.0.1

cpe:2.3:a:atheme:atheme:6.0.1
Atheme » Atheme » Version: 6.0.2

cpe:2.3:a:atheme:atheme:6.0.2
Atheme » Atheme » Version: 6.0.3

cpe:2.3:a:atheme:atheme:6.0.3
Atheme » Atheme » Version: 6.0.4

cpe:2.3:a:atheme:atheme:6.0.4
Atheme » Atheme » Version: 6.0.5

cpe:2.3:a:atheme:atheme:6.0.5
Atheme » Atheme » Version: 6.0.6

cpe:2.3:a:atheme:atheme:6.0.6
Atheme » Atheme » Version: 6.0.7

cpe:2.3:a:atheme:atheme:6.0.7
Atheme » Atheme » Version: 6.0.8

cpe:2.3:a:atheme:atheme:6.0.8
Atheme » Atheme » Version: 6.0.9

cpe:2.3:a:atheme:atheme:6.0.9
Atheme » Atheme » Version: 7.0.0

cpe:2.3:a:atheme:atheme:7.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-1576

Products

Pricing

Contact Us