Tembria Server Monitor before 6.0.5 Build 2252 uses a substitution cipher to encrypt application credentials, which allows local users to obtain sensitive information by leveraging read access to (1) authentication.dat or (2) XML files in the Exports directory.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:30
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.solutionary.com/index/SERT/Vuln-Disclosures/Tembria-Server-Monitor-Weak-Xpto-Pwd-Storage.html - |
Information
Published : 2011-09-27 19:55
Updated : 2024-11-21 01:30
NVD link : CVE-2011-3685
Mitre link : CVE-2011-3685
CVE.ORG link : CVE-2011-3685
JSON object : View
Products Affected
tembria
- server_monitor
CWE
CWE-310
Cryptographic Issues