The lockout-recovery feature in the Security Configurator component in ICONICS GENESIS32 9.22 and earlier and BizViz 9.22 and earlier uses an improper encryption algorithm for generation of an authentication code, which allows local users to bypass intended access restrictions and obtain administrative access by predicting a challenge response.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published: 2012-07-31T10:00:00Z

Updated: 2024-09-16T19:57:03.646Z

Reserved: 2012-05-30T00:00:00Z

Link: CVE-2012-3018

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-07-31T10:45:42.467

Modified: 2024-11-21T01:40:07.967

Link: CVE-2012-3018

cve-icon Redhat

No data.