Loading
AccessControl/AuthEncoding.py in Zope before 2.13.19, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain passwords via vectors involving timing discrepancies in password validation.
Use CWE-362, Zope vendor hub and Zope product page to widen CVE-2012-5507 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2021-32674, CVE-2021-32811 and CVE-2023-41050 for nearby disclosures in the same product family.