Описание
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:novell:data_synchronizer:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:data_synchronizer:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:data_synchronizer:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:data_synchronizer:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:novell:mobility_pack:1.0:*:*:*:*:*:*:*
cpe:2.3:a:novell:mobility_pack:1.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:mobility_pack:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:novell:mobility_pack:1.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00635
Низкий
5 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
EPSS
Процентиль: 70%
0.00635
Низкий
5 Medium
CVSS2
Дефекты
CWE-310