Vulnerabilities > CVE-2006-1210 - Unspecified vulnerability in Micromuse Netcool Neusecure 3.0.236
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The web interface for IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 includes the MySQL database username and password in cleartext in body.phtml, which allows remote attackers to gain privileges by reading the source. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://www.securityfocus.com/archive/1/427155/100/0/threaded
- http://www.securityfocus.com/archive/1/427155/100/0/threaded
- http://www.securityfocus.com/bid/17032
- http://www.securityfocus.com/bid/17032
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25270
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25270