PT-2009-2266 · Microsoft+1 · Exchange Server+1
Publicado
2009-05-07
·
Atualizado
2009-05-08
·
CVE-2008-6797
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Mitel NuPoint Messenger versions R11 and R3
Description:
The issue concerns the server in Mitel NuPoint Messenger sending usernames and passwords in cleartext to Exchange servers. This allows remote attackers to obtain sensitive information by sniffing the network.
Recommendations:
For versions R11 and R3, consider configuring the server to use encrypted communication with Exchange servers to protect sensitive information.
As a temporary workaround, restrict access to the network to minimize the risk of exploitation.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Exchange Server
Mitel Nupoint Messenger