CVE-2010-3318 - IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allo

CVE-2010-3318

Summary

IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

References

http://secunia.com/advisories/41344
http://www.securityfocus.com/bid/43136
http://www-01.ibm.com/support/docview.wss?uid=swg1PJ37426

Vulnerable Configurations

cpe:2.3:a:ibm:filenet_content_manager:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_content_manager:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_content_manager:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_content_manager:4.5.1:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 14-09-2010 - 04:00)
Impact:
Exploitability:

CWE

CWE-255

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

refmap via4

aixapar	PJ37426
bid	43136
secunia	41344

Last major update

14-09-2010 - 04:00

Published

13-09-2010 - 21:00

Last modified

14-09-2010 - 04:00