CVE-2011-1655 - The management.asmx module in the Management Web Service in the Unified Network Control (UNC) Server

CVE-2011-1655

Summary

The management.asmx module in the Management Web Service in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and subsequently execute arbitrary code, by sniffing the network, related to the UNCWS Web Service.

References

Vulnerable Configurations

cpe:2.3:a:broadcom:total_defense:r12:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:total_defense:r12:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 12-04-2021 - 14:30)
Impact:
Exploitability:

CWE

CWE-310

CAPEC

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	47356
bugtraq	20110413 CA20110413-01: Security Notice for CA Total Defense 20110413 ZDI-11-127: CA Total Defense Suite UNCWS Web Service getDBConfigSettings Credential Disclosure Vulnerability
confirm	https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={CD065CEC-AFE2-4D9D-8E0B-BE7F6E345866}
misc	http://www.zerodayinitiative.com/advisories/ZDI-11-127/
sectrack	1025353
secunia	44097
vupen	ADV-2011-0977
xf	totaldefense-uncsw-code-execution(66727)

Last major update

12-04-2021 - 14:30

Published

18-04-2011 - 15:00

Last modified

12-04-2021 - 14:30