CVE-2012-6077: Infoleak
First published: Fri Nov 22 2019(Updated: )
W3 Total Cache before 0.9.2.5 allows remote attackers to retrieve password hash information due to insecure storage of database cache files.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Boldgrid W3 Total Cache | <0.9.2.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.openwall.com/lists/oss-security/2012/12/30/3
- https://security-tracker.debian.org/tracker/CVE-2012-6077
- http://www.openwall.com/lists/oss-security/2012/12/30/3
- https://www.acunetix.com/vulnerabilities/web/wordpress-w3-total-cache-plugin-predictable-cache-filenames/
- https://www.checkpoint.com/defense/advisories/public/2013/cpai-24-oct2.html
- https://www.w3-edge.com/weblog/2013/01/security-w3-total-cache-0-9-2-4/
Frequently Asked Questions
What is the vulnerability ID for W3 Total Cache?
The vulnerability ID for W3 Total Cache is CVE-2012-6077.
What is the severity of CVE-2012-6077?
The severity of CVE-2012-6077 is high with a CVSS score of 7.5.
How does CVE-2012-6077 impact W3 Total Cache?
CVE-2012-6077 allows remote attackers to retrieve password hash information due to insecure storage of database cache files in W3 Total Cache.
Which version of W3 Total Cache is affected by CVE-2012-6077?
W3 Total Cache versions up to exclusive 0.9.2.5 are affected by CVE-2012-6077.
How can I fix CVE-2012-6077 in W3 Total Cache?
To fix CVE-2012-6077 in W3 Total Cache, it is recommended to update to version 0.9.2.5 or newer.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- collector/security-tracker-debian
- source/Debian
- vendor/boldgrid
- canonical/boldgrid w3 total cache