Computer Security
[EN] securityvulns.ru no-pyccku


VMware vFabric tc Server weak encryption
Published:17.08.2011
Source:
SecurityVulns ID:11865
Type:m-i-t-m
Threat Level:
4/10
Description:Server accepts cleartext password even if it's not allowed for user.
Affected:VMWARE : vFabric tc Server 2.0
 VMWARE : vFabric tc Server 2.1
CVE:CVE-2011-0527 (VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before 2.1.2.RELEASE accepts obfuscated passwords during JMX authentication, which makes it easier for context-dependent attackers to obtain access by leveraging an ability to read stored passwords.)
Original documentdocumentVMWARE, CVE-2011-0527: VMware vFabric tc Server password obfuscation bypass (17.08.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod