CVE-2011-0527

Published Aug 15, 2011

Last updated a month ago

CVSS info 5.0

Overview

Description: VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before 2.1.2.RELEASE accepts obfuscated passwords during JMX authentication, which makes it easier for context-dependent attackers to obtain access by leveraging an ability to read stored passwords.
Source: secalert@redhat.com
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-287

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F6F8DB3-F9CA-4365-8BB6-1BE6BFA6F645"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.0.0:sr01:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A67DBDAA-3E43-4771-966F-961CEA23B6AA"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCF72B94-48B3-4393-AB35-CB4FE1531AA2"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB33F6F2-347A-48E2-8B8C-9EECC2A0344A"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.0.2:sr01:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4EBF274-552B-4E96-B2E1-608262613DAA"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.0.2:sr02:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B6CE4A4-F3ED-4ABC-93AA-1F6588DC4178"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7B2917E-8480-4BA1-8BD4-D144C4CE4E50"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "896969E5-C24D-442D-83C9-00FC61AB2C21"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6228753-E531-4153-B6CC-B33515E3ED96"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.0.5:sr01:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B06497A-8879-452C-AEF8-F96B45CC6162"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E0BEB8B-B75A-4CCD-A360-1C485F570E94"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D6A21F2-A709-4591-A0BA-F5B0FDCDE3F2"
          },
          {
            "criteria": "cpe:2.3:a:vmware:tc_server:2.1.1:sr01:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3213BEC8-88B5-4C38-8E7E-5AD8468E5617"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References