Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.902565 |
Categoría: | Web Servers |
Título: | VMware vFabric tc Server JMX Authentication Security Bypass Vulnerability |
Resumen: | The host is running VMware vFabric tc Server and is prone to; security bypass vulnerability. |
Descripción: | Summary: The host is running VMware vFabric tc Server and is prone to security bypass vulnerability. Vulnerability Insight: The flaw is caused by the storing of passwords for JMX authentication in an obfuscated form, which makes it easier for context-dependent attackers to obtain access by leveraging an ability to read stored passwords. Vulnerability Impact: Successful exploitation could allow an attacker to bypass certain security restrictions and gain unauthorized access, which may lead to further attacks. Affected Software/OS: vFabric tc Server versions 2.0.0 through 2.0.5.SR01 vFabric tc Server versions 2.1.0 through 2.1.1.SR01 Solution: Upgrade to vFabric tc Server version 2.0.6.RELEASE or 2.1.2.RELEASE. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N |
Referencia Cruzada: |
BugTraq ID: 49122 Common Vulnerability Exposure (CVE) ID: CVE-2011-0527 http://www.securityfocus.com/bid/49122 http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0122.html http://securitytracker.com/id?1025923 XForce ISS Database: tcserver-jmx-sec-bypass(69156) https://exchange.xforce.ibmcloud.com/vulnerabilities/69156 |
Copyright | Copyright (C) 2011 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |