CVE-2011-2143

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

I

BM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows Authentication is enabled, allows remote attackers to obtain login access by using an incorrect password in conjunction with an account name from a different domain.

References

Link	Resource
http://www.ibm.com/support/docview.wss?uid=swg27021511
http://www.securityfocus.com/bid/47909
https://exchange.xforce.ibmcloud.com/vulnerabilities/67505
http://www.ibm.com/support/docview.wss?uid=swg27021511
http://www.securityfocus.com/bid/47909
https://exchange.xforce.ibmcloud.com/vulnerabilities/67505

Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:datacap_taskmaster_capture:8.0.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:27

Type	Values Removed	Values Added
References	~~() http://www.ibm.com/support/docview.wss?uid=swg27021511 -~~	() http://www.ibm.com/support/docview.wss?uid=swg27021511 -
References	~~() http://www.securityfocus.com/bid/47909 -~~	() http://www.securityfocus.com/bid/47909 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/67505 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/67505 -

Information

Published : 2011-05-16 18:55

Updated : 2025-04-11 00:51

NVD link : CVE-2011-2143

Mitre link : CVE-2011-2143

CVE.ORG link : CVE-2011-2143

JSON object : View

Products Affected

datacap_taskmaster_capture

CWE

CWE-264

Permissions, Privileges, and Access Controls

{"id": "CVE-2011-2143", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-05-16T18:55:01.510", "references": [{"url": "http://www.ibm.com/support/docview.wss?uid=swg27021511", "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/47909", "source": "[email protected]"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67505", "source": "[email protected]"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg27021511", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/47909", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67505", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "IBM Datacap Taskmaster Capture 8.0.1 before FP1, when Windows Authentication is enabled, allows remote attackers to obtain login access by using an incorrect password in conjunction with an account name from a different domain."}, {"lang": "es", "value": "IBM Datacap Taskmaster Capture v8.0.1 anteriores a FP1, cuando la autenticaci\u00f3n de Windows se encuentra activa, permite a atacantes remotos conseguir permisos de conexi\u00f3n mediante la utilizaci\u00f3n combinada de una contrase\u00f1a incorrecta y una cuenta de un dominio diferente."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:datacap_taskmaster_capture:8.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCB9F8B2-C56F-455E-A9E6-EED08B4B5B15"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}