Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3692

Overview

Vulnerability Score 1.9 1.9
CVE Id CVE-2011-3692
Last Modified 21 May 2012 12:00:00
Published 27 Sep 2011 03:55:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3692

Summary

NetSaro Enterprise Messenger Server 2.0 stores cleartext console credentials in configuration.xml, which allows local users to obtain sensitive information by reading this file and performing a base64 decoding step.

Vulnerable Systems

Application

  • Netsaro Enterprise Messenger Server 2.0


References

MISC - http://www.solutionary.com/index/SERT/Vuln-Disclosures/NetSaro-Enterprise-Messenger-Vulnerability.html


Last Updated: 27 May 2016 10:57:44