Vulnerability Description
VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before 2.1.2.RELEASE accepts obfuscated passwords during JMX authentication, which makes it easier for context-dependent attackers to obtain access by leveraging an ability to read stored passwords.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Tc Server | 2.0.0 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0122.html
- http://securitytracker.com/id?1025923
- http://www.securityfocus.com/bid/49122
- http://www.springsource.com/security/cve-2011-0527Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69156
- http://archives.neohapsis.com/archives/fulldisclosure/2011-08/0122.html
- http://securitytracker.com/id?1025923
- http://www.securityfocus.com/bid/49122
- http://www.springsource.com/security/cve-2011-0527Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69156
FAQ
What is CVE-2011-0527?
CVE-2011-0527 is a vulnerability with a CVSS score of 5.0 (MEDIUM). VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before 2.1.2.RELEASE accepts obfuscated passwords during JMX authentication, which makes it easier for contex...
How severe is CVE-2011-0527?
CVE-2011-0527 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-0527?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Tc Server.