ID |
CVE-2011-2223
|
Summary |
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:novell:data_synchronizer:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:data_synchronizer:1.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:data_synchronizer:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:data_synchronizer:1.1.0:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:data_synchronizer:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:data_synchronizer:1.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:data_synchronizer:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:novell:data_synchronizer:1.1.2:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:mobility_pack:1.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:mobility_pack:1.0:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:mobility_pack:1.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:mobility_pack:1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:mobility_pack:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:mobility_pack:1.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:novell:mobility_pack:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:novell:mobility_pack:1.1.2:*:*:*:*:*:*:*
|
CVSS |
Base: | 5.0 (as of 29-10-2015 - 15:51) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-310 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
NONE |
NONE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
refmap
via4
|
|
Last major update |
29-10-2015 - 15:51 |
Published |
09-08-2011 - 22:55 |
Last modified |
29-10-2015 - 15:51 |