CVE-2007-3581

{"id": "CVE-2007-3581", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-07-05T20:30:00.000", "references": [{"url": "http://85.10.222.122/mantis/public_show_bug.php?bug_id=452", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/45754", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Jedox Palo 1.5 client transmits the password in cleartext, which might allow remote attackers to obtain the password by sniffing the network, as demonstrated by starting Excel with the Palo plugin, opening a cube, and performing an Insert View."}, {"lang": "es", "value": "El cliente Jedox Palo 1.5 transmite la contrase\u00f1a en texto claro, lo cual podr\u00eda permitir a usuarios remotos obtener la contrase\u00f1a husmeando la red, como se ha demostrado iniciando Excel con la extensi\u00f3n Palo, abriendo un cubo, y realizando una acci\u00f3n Insertar Vista."}], "lastModified": "2008-11-15T06:53:16.407", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jedox:palo:1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65834E52-0076-43A1-B859-B001DBC4BF34"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}