{"api_version":"1","generated_at":"2026-04-23T09:37:06+00:00","cve":"CVE-2012-2284","urls":{"html":"https://cve.report/CVE-2012-2284","api":"https://cve.report/api/cve/CVE-2012-2284.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2012-2284","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2012-2284"},"summary":{"title":"CVE-2012-2284","description":"The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors.","state":"PUBLIC","assigner":"security_alert@emc.com","published_at":"2012-10-18 17:55:00","updated_at":"2013-04-19 03:21:00"},"problem_types":["CWE-255"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/bid/55883","name":"55883","refsource":"BID","tags":[],"title":"EMC NetWorker Module Remote Code Execution and Information Disclosure Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html","name":"20121010 ESA-2012-025: EMC NetWorker Module for Microsoft Applications (NMM) Multiple Vulnerabilities","refsource":"BUGTRAQ","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://www.securitytracker.com/id?1027647","name":"1027647","refsource":"SECTRACK","tags":[],"title":"EMC NetWorker Module for Microsoft Applications Lets Remote Users Execute Arbitrary Code and Local Users Obtain Passwords - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/86157","name":"86157","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://secunia.com/advisories/50957","name":"50957","refsource":"SECUNIA","tags":[],"title":"Security Alerts - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2012-2284","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-2284","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2012","cve_id":"2284","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"networker_module_for_microsoft_applications","cpe6":"2.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"2284","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"networker_module_for_microsoft_applications","cpe6":"2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"2284","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"networker_module_for_microsoft_applications","cpe6":"2.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"2284","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"networker_module_for_microsoft_applications","cpe6":"2.2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"2284","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"networker_module_for_microsoft_applications","cpe6":"2.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"2284","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"networker_module_for_microsoft_applications","cpe6":"2.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"2284","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"2284","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"microsoft","cpe5":"exchange_server","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security_alert@emc.com","ID":"CVE-2012-2284","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"86157","refsource":"OSVDB","url":"http://osvdb.org/86157"},{"name":"50957","refsource":"SECUNIA","url":"http://secunia.com/advisories/50957"},{"name":"55883","refsource":"BID","url":"http://www.securityfocus.com/bid/55883"},{"name":"1027647","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1027647"},{"name":"20121010 ESA-2012-025: EMC NetWorker Module for Microsoft Applications (NMM) Multiple Vulnerabilities","refsource":"BUGTRAQ","url":"http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html"}]}},"nvd":{"publishedDate":"2012-10-18 17:55:00","lastModifiedDate":"2013-04-19 03:21:00","problem_types":["CWE-255"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:emc:networker_module_for_microsoft_applications:2.2.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:emc:networker_module_for_microsoft_applications:2.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:emc:networker_module_for_microsoft_applications:2.4:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:a:microsoft:exchange_server:*:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2012","CveId":"2284","Ordinal":"54972","Title":"CVE-2012-2284","CVE":"CVE-2012-2284","Year":"2012"},"notes":[{"CveYear":"2012","CveId":"2284","Ordinal":"1","NoteData":"The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors.","Type":"Description","Title":null},{"CveYear":"2012","CveId":"2284","Ordinal":"2","NoteData":"2012-10-18","Type":"Other","Title":"Published"},{"CveYear":"2012","CveId":"2284","Ordinal":"3","NoteData":"2013-03-02","Type":"Other","Title":"Modified"}]}}}