Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2871

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-2871
Last Modified 16 Apr 2014 10:40:20
Published 15 Apr 2014 07:13:17
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-2871

Summary

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on an HTTP session for entering credentials on login pages, which allows remote attackers to obtain sensitive information by sniffing the network.

Vulnerable Systems

Application

  • Paperthin Commonspot Content Server 7.0.1

  • Paperthin Commonspot Content Server 8.0.0

  • Paperthin Commonspot Content Server 8.0.1

  • Paperthin Commonspot Content Server 8.0.2


References

CERT-VN - VU#437385


Last Updated: 27 May 2016 11:05:00