Vulnerabilities > CVE-2006-1211 - SQL-Injection vulnerability in Micromuse Netcool Neusecure 3.0.236
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
IBM Tivoli Micromuse Netcool/NeuSecure 3.0.236 configures a MySQL database to allow connections from any source IP address with the ns database account, which allows remote attackers to bypass the Netcool/NeuSecure application layer and perform unauthorized database actions. NOTE: IBM has privately confirmed to CVE that a fix is available for these issues.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |