The DevonIT thin-client management tool relies on a shared secret for authentication but transmits the secret in cleartext, which makes it easier for remote attackers to discover the secret value, and consequently obtain administrative control over client machines, by sniffing the network.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/278785 | US Government Resource |
http://www.kb.cert.org/vuls/id/278785 | US Government Resource |
Configurations
History
21 Nov 2024, 01:18
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.kb.cert.org/vuls/id/278785 - US Government Resource |
Information
Published : 2010-08-25 20:00
Updated : 2024-11-21 01:18
NVD link : CVE-2010-3122
Mitre link : CVE-2010-3122
CVE.ORG link : CVE-2010-3122
JSON object : View
Products Affected
devonit
- thin-client_management_tool
CWE
CWE-255
Credentials Management Errors