{"api_version":"1","generated_at":"2026-04-23T00:40:01+00:00","cve":"CVE-2012-4610","urls":{"html":"https://cve.report/CVE-2012-4610","api":"https://cve.report/api/cve/CVE-2012-4610.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2012-4610","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2012-4610"},"summary":{"title":"CVE-2012-4610","description":"EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging \"network access\" to the proxy client.","state":"PUBLIC","assigner":"security_alert@emc.com","published_at":"2012-10-31 10:50:00","updated_at":"2017-08-29 01:32:00"},"problem_types":["CWE-255"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/archive/1/524532","name":"20121026 EMC Avamar Client for VMware Sensitive Information Disclosure Vulnerability","refsource":"BUGTRAQ","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/56317","name":"56317","refsource":"BID","tags":[],"title":"504 Gateway Time-out","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79661","name":"avamar-proxy-client-info-disc(79661)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2012-4610","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-4610","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2012","cve_id":"4610","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"avamar","cpe6":"6.1","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"4610","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"emc","cpe5":"avamar","cpe6":"6.1","cpe7":"-","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"vmware","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"security_alert@emc.com","ID":"CVE-2012-4610","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging \"network access\" to the proxy client."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"avamar-proxy-client-info-disc(79661)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79661"},{"name":"56317","refsource":"BID","url":"http://www.securityfocus.com/bid/56317"},{"name":"20121026 EMC Avamar Client for VMware Sensitive Information Disclosure Vulnerability","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/524532"}]}},"nvd":{"publishedDate":"2012-10-31 10:50:00","lastModifiedDate":"2017-08-29 01:32:00","problem_types":["CWE-255"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:N/A:N","accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":3.3},"severity":"LOW","exploitabilityScore":6.5,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:emc:avamar:6.1:-:*:*:*:vmware:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2012","CveId":"4610","Ordinal":"57401","Title":"CVE-2012-4610","CVE":"CVE-2012-4610","Year":"2012"},"notes":[{"CveYear":"2012","CveId":"4610","Ordinal":"1","NoteData":"EMC Avamar Client for VMware 6.1 stores the cleartext server root password on the proxy client, which might allow remote attackers to obtain sensitive information by leveraging \"network access\" to the proxy client.","Type":"Description","Title":null},{"CveYear":"2012","CveId":"4610","Ordinal":"2","NoteData":"2012-10-31","Type":"Other","Title":"Published"},{"CveYear":"2012","CveId":"4610","Ordinal":"3","NoteData":"2017-08-28","Type":"Other","Title":"Modified"}]}}}