CVE-2011-3011 – CA Arcserve D2D - GWT RPC Credential Information Disclosure

https://notcve.org/view.php?id=CVE-2011-3011

15 Aug 2011 — BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions, which allows remote attackers to obtain credentials, and consequently execute arbitrary commands, via unspecified vectors. BaseServiceImpl.class en CA ARCserve D2D r15 no maneja adecuadamente las sesiones, permitiendo a atacantes remotos obtener credenciales, y por lo tanto ejecutar comandos arbitrarios a través de vectores no especificados. • https://www.exploit-db.com/exploits/41707 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •