CVE-2011-2223
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
Mobility Pack en versiones anteriores a la 1.2 de Novell Data Synchronizer 1.x hasta la 1.1.2 build 428 envia la contraseña Admin de LDAP en texto claro, lo que permite a atacantes remotos obtener información confidencial analizando el tráfico de red.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-06-02 CVE Reserved
- 2011-08-09 CVE Published
- 2024-08-06 CVE Updated
- 2024-11-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-310: Cryptographic Issues
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/49069 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/45527 | 2015-10-29 | |
| http://www.novell.com/support/viewContent.do?externalId=7009055 | 2015-10-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Novell Search vendor "Novell" | Data Synchronizer Search vendor "Novell" for product "Data Synchronizer" | 1.0.0 Search vendor "Novell" for product "Data Synchronizer" and version "1.0.0" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Data Synchronizer Search vendor "Novell" for product "Data Synchronizer" | 1.1.0 Search vendor "Novell" for product "Data Synchronizer" and version "1.1.0" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Data Synchronizer Search vendor "Novell" for product "Data Synchronizer" | 1.1.1 Search vendor "Novell" for product "Data Synchronizer" and version "1.1.1" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Data Synchronizer Search vendor "Novell" for product "Data Synchronizer" | 1.1.2 Search vendor "Novell" for product "Data Synchronizer" and version "1.1.2" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Mobility Pack Search vendor "Novell" for product "Mobility Pack" | 1.0 Search vendor "Novell" for product "Mobility Pack" and version "1.0" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Mobility Pack Search vendor "Novell" for product "Mobility Pack" | 1.1 Search vendor "Novell" for product "Mobility Pack" and version "1.1" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Mobility Pack Search vendor "Novell" for product "Mobility Pack" | 1.1.1 Search vendor "Novell" for product "Mobility Pack" and version "1.1.1" | - |
Affected
| ||||||
| Novell Search vendor "Novell" | Mobility Pack Search vendor "Novell" for product "Mobility Pack" | 1.1.2 Search vendor "Novell" for product "Mobility Pack" and version "1.1.2" | - |
Affected
| ||||||