PT-2011-4582 · Netsaro · Netsaro Enterprise Messenger Server

Published 2011-09-27 · Updated 2012-05-21 · CVE-2011-3692

CVSS v2.0: 1.9 (Low)

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

NetSaro Enterprise Messenger Server version 2.0

Description

The issue allows local users to obtain sensitive information by reading the configuration.xml file, which stores cleartext console credentials, and then performing a base64 decoding step.

Recommendations

For NetSaro Enterprise Messenger Server version 2.0, consider encrypting or securely storing console credentials in the configuration.xml file to prevent unauthorized access. As a temporary workaround, restrict access to the configuration.xml file to minimize the risk of exploitation.

Related Identifiers

CVE-2011-3692

Affected Products

Netsaro Enterprise Messenger Server