CVE-2012-2455

medium

Published 2012-11-10 · Modified 2026-04-29

CVSS v3

—

CVSS v2

6.4

VIR risk

6.4

Description

Advanced Productivity Software DTE Axiom before 12.3.3 does not validate the registration ID, which allows remote attackers to bypass authentication and read or modify data about users, customers, and projects via unspecified vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://secunia.com/advisories/50508

Application impact

Vendor	Product	Versions	Fixed
advance_productivity_software	dte_axiom	`{"endIncluding":"12.3.2"}`

References

http://seclists.org/fulldisclosure/2012/Sep/62
http://secunia.com/advisories/50508
http://www.osvdb.org/85499
http://seclists.org/fulldisclosure/2012/Sep/62
http://secunia.com/advisories/50508
http://www.osvdb.org/85499

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.