CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-3347

AutoFORM PDM Archive before 7.0 implements user accounts in a way that allows for JMX Console authentication, which allows remote authenticated users to bypass intended access restrictions via the /jmx-console URI, and then upload and execute arbitrary JSP code via a JBoss remote-deployment mechanism, a different vulnerability than CVE-2012-1828.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.9%

CVSS Severity

CVSS v2 Score 6.0

References

http://secunia.com/advisories/49335
http://www.kb.cert.org/vuls/id/773035
http://www.kb.cert.org/vuls/id/MAPG-8RQL83
http://secunia.com/advisories/49335
http://www.kb.cert.org/vuls/id/773035
http://www.kb.cert.org/vuls/id/MAPG-8RQL83

Products affected by CVE-2012-3347

Efstechnology » Autoform Pdm Archive » Version: 6.9

cpe:2.3:a:efstechnology:autoform_pdm_archive:6.9
Efstechnology » Autoform Pdm Archive » Version: 6.920

cpe:2.3:a:efstechnology:autoform_pdm_archive:6.920

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3347

Products

Pricing

Contact Us