The DevonIT thin-client management tool relies on a shared secret for authentication but transmits the secret in cleartext, which makes it easier for remote attackers to discover the secret value, and consequently obtain administrative control over client machines, by sniffing the network.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/278785 | US Government Resource |
Configurations
History
No history.
Information
Published : 2010-08-25 20:00
Updated : 2024-02-28 11:41
NVD link : CVE-2010-3122
Mitre link : CVE-2010-3122
CVE.ORG link : CVE-2010-3122
JSON object : View
Products Affected
devonit
- thin-client_management_tool
CWE
CWE-255
Credentials Management Errors