Vulnerability Details CVE-2012-3018
The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain administrative access by predicting a challenge response.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.2%
CVSS Severity
CVSS v2 Score 4.4
References
Products affected by CVE-2012-3018
-
cpe:2.3:a:iconics:bizviz:-
-
cpe:2.3:a:iconics:bizviz:8.05
-
cpe:2.3:a:iconics:bizviz:9.0
-
cpe:2.3:a:iconics:bizviz:9.01
-
cpe:2.3:a:iconics:bizviz:9.1
-
cpe:2.3:a:iconics:bizviz:9.13
-
cpe:2.3:a:iconics:bizviz:9.2
-
cpe:2.3:a:iconics:bizviz:9.20
-
cpe:2.3:a:iconics:bizviz:9.21
-
cpe:2.3:a:iconics:bizviz:9.22
-
cpe:2.3:a:iconics:genesis32:-
-
cpe:2.3:a:iconics:genesis32:8.05
-
cpe:2.3:a:iconics:genesis32:9.0
-
cpe:2.3:a:iconics:genesis32:9.01
-
cpe:2.3:a:iconics:genesis32:9.1
-
cpe:2.3:a:iconics:genesis32:9.13
-
cpe:2.3:a:iconics:genesis32:9.2
-
cpe:2.3:a:iconics:genesis32:9.20
-
cpe:2.3:a:iconics:genesis32:9.21
-
cpe:2.3:a:iconics:genesis32:9.22