Vulnerability Details CVE-2012-6077
W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.openwall.com/lists/oss-security/2012/12/30/3
- https://security-tracker.debian.org/tracker/CVE-2012-6077
- https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/
- https://www.checkpoint.com/defense/advisories/public/2013/cpai-24-oct2.html
- https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/
- http://www.openwall.com/lists/oss-security/2012/12/30/3
- https://security-tracker.debian.org/tracker/CVE-2012-6077
- https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/
- https://www.checkpoint.com/defense/advisories/public/2013/cpai-24-oct2.html
- https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/
Products affected by CVE-2012-6077
-
cpe:2.3:a:boldgrid:w3_total_cache:-
-
cpe:2.3:a:boldgrid:w3_total_cache:0.5
-
cpe:2.3:a:boldgrid:w3_total_cache:0.6
-
cpe:2.3:a:boldgrid:w3_total_cache:0.7
-
cpe:2.3:a:boldgrid:w3_total_cache:0.7.5
-
cpe:2.3:a:boldgrid:w3_total_cache:0.7.5.1
-
cpe:2.3:a:boldgrid:w3_total_cache:0.7.5.2
-
cpe:2.3:a:boldgrid:w3_total_cache:0.8
-
cpe:2.3:a:boldgrid:w3_total_cache:0.8.5
-
cpe:2.3:a:boldgrid:w3_total_cache:0.8.5.1
-
cpe:2.3:a:boldgrid:w3_total_cache:0.8.5.2
-
cpe:2.3:a:boldgrid:w3_total_cache:0.9.0
-
cpe:2.3:a:boldgrid:w3_total_cache:0.9.1
-
cpe:2.3:a:boldgrid:w3_total_cache:0.9.1.1
-
cpe:2.3:a:boldgrid:w3_total_cache:0.9.1.2
-
cpe:2.3:a:boldgrid:w3_total_cache:0.9.1.3
-
cpe:2.3:a:boldgrid:w3_total_cache:0.9.2
-
cpe:2.3:a:boldgrid:w3_total_cache:0.9.2.1
-
cpe:2.3:a:boldgrid:w3_total_cache:0.9.2.2
-
cpe:2.3:a:boldgrid:w3_total_cache:0.9.2.3
-
cpe:2.3:a:boldgrid:w3_total_cache:0.9.2.4