CVE-2010-3122

The DevonIT thin-client management tool relies on a shared secret for authentication but transmits the secret in cleartext, which makes it easier for remote attackers to discover the secret value, and consequently obtain administrative control over client machines, by sniffing the network.
References
Link Resource
http://www.kb.cert.org/vuls/id/278785 US Government Resource
http://www.kb.cert.org/vuls/id/278785 US Government Resource
Configurations

Configuration 1 (hide)

cpe:2.3:a:devonit:thin-client_management_tool:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:18

Type Values Removed Values Added
References () http://www.kb.cert.org/vuls/id/278785 - US Government Resource () http://www.kb.cert.org/vuls/id/278785 - US Government Resource

Information

Published : 2010-08-25 20:00

Updated : 2024-11-21 01:18


NVD link : CVE-2010-3122

Mitre link : CVE-2010-3122

CVE.ORG link : CVE-2010-3122


JSON object : View

Products Affected

devonit

  • thin-client_management_tool
CWE
CWE-255

Credentials Management Errors