PT-2011-2423 · Vmware · Vmware Vfabric Tc Server

Publicado

2011-08-15

Atualizado

2017-08-17

CVE-2011-0527

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions VMware vFabric tc Server versions 2.0.x through 2.0.5.RELEASE VMware vFabric tc Server versions 2.1.x through 2.1.1.RELEASE

Description The issue allows context-dependent attackers to obtain access more easily by leveraging the ability to read stored passwords, as the software accepts obfuscated passwords during JMX authentication.

Recommendations For versions 2.0.x through 2.0.5.RELEASE, update to version 2.0.6.RELEASE or later. For versions 2.1.x through 2.1.1.RELEASE, update to version 2.1.2.RELEASE or later.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2011-0527

Produtos afetados

Vmware Vfabric Tc Server

PT-2011-2423 · Vmware · Vmware Vfabric Tc Server

CVE-2011-0527

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6