CVE-2012-0706

low

Published 2013-04-07 · Modified 2026-04-29

CVSS v3

—

CVSS v2

3.5

VIR risk

3.5

Description

IBM Scale Out Network Attached Storage (SONAS) 1.3 before 1.3.2.3 requires cleartext storage of LDAP credentials without recommending a less privileged LDAP account, which might allow attackers to obtain sensitive server information by leveraging root access to a client machine.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004292

References

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004292
https://exchange.xforce.ibmcloud.com/vulnerabilities/73309
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004292
https://exchange.xforce.ibmcloud.com/vulnerabilities/73309

CWEs

CWE-255 CWE-264

Verify integrity in audit chain (admin only). AS-IS.