CVE-2011-0410
 
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
CollabNet ScrumWorks Basic 1.8.4 uses cleartext credentials for network communication and the internal database, which makes it easier for context-dependent attackers to obtain sensitive information by (1) sniffing the network for transmissions of Java objects or (2) reading the database.
CollabNet ScrumWorks Basic v1.8.4 utiliza las credenciales en texto plano para la comunicaciĆ³n de la red y la base de datos interna, que facilita a los atacantes dependientes de contexto a obtener informaciĆ³n sensible mediante (1) espiando las transmisiones de los objetos Java o (2) lectura de la base de datos
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-01-11 CVE Reserved
- 2011-01-24 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-310: Cryptographic Issues
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
http://osvdb.org/70601 | Vdb Entry | |
http://osvdb.org/70602 | Vdb Entry | |
http://www.kb.cert.org/vuls/id/547167 | Third Party Advisory | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/64883 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://secunia.com/advisories/43010 | 2017-08-17 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Collabnet Search vendor "Collabnet" | Scrumworks Search vendor "Collabnet" for product "Scrumworks" | 1.8.4 Search vendor "Collabnet" for product "Scrumworks" and version "1.8.4" | basic |
Affected
|