Lucene search

[email protected]CVE-2010-4184

HistoryNov 05, 2010 - 5:00 p.m.

CVE-2010-4184

2010-11-0517:00:04

CWE-310

[email protected]

web.nvd.nist.gov

cve-2010-4184

netsupport manager

nsm

sensitive information exposure

cleartext http headers

remote attackers

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.0%

JSON

NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client machines, which allows remote attackers to obtain potentially sensitive information by sniffing the network.

Affected configurations

NVD

Node

netsupportsoftwarenetsupport_managerRange≤11.00

netsupportsoftwarenetsupport_managerMatch5.00

netsupportsoftwarenetsupport_managerMatch5.01

netsupportsoftwarenetsupport_managerMatch5.02

netsupportsoftwarenetsupport_managerMatch5.02_f1

netsupportsoftwarenetsupport_managerMatch5.03

netsupportsoftwarenetsupport_managerMatch5.05

netsupportsoftwarenetsupport_managerMatch5.30

netsupportsoftwarenetsupport_managerMatch5.31

netsupportsoftwarenetsupport_managerMatch6.00

netsupportsoftwarenetsupport_managerMatch6.10

netsupportsoftwarenetsupport_managerMatch6.11

netsupportsoftwarenetsupport_managerMatch7.01

netsupportsoftwarenetsupport_managerMatch7.10

netsupportsoftwarenetsupport_managerMatch8.00

netsupportsoftwarenetsupport_managerMatch8.10

netsupportsoftwarenetsupport_managerMatch8.50

netsupportsoftwarenetsupport_managerMatch8.60

netsupportsoftwarenetsupport_managerMatch9.00

netsupportsoftwarenetsupport_managerMatch9.10

netsupportsoftwarenetsupport_managerMatch9.50

netsupportsoftwarenetsupport_managerMatch9.60

netsupportsoftwarenetsupport_managerMatch10.00

netsupportsoftwarenetsupport_managerMatch10.20

netsupportsoftwarenetsupport_managerMatch10.30

netsupportsoftwarenetsupport_managerMatch10.50

CPENameOperatorVersion
netsupportsoftware:netsupport_managernetsupportsoftware netsupport managerle11.00
netsupportsoftware:netsupport_managernetsupportsoftware netsupport managereq5.00
netsupportsoftware:netsupport_managernetsupportsoftware netsupport managereq5.01
netsupportsoftware:netsupport_managernetsupportsoftware netsupport managereq5.02
netsupportsoftware:netsupport_managernetsupportsoftware netsupport managereq5.02_f1
netsupportsoftware:netsupport_managernetsupportsoftware netsupport managereq5.03
netsupportsoftware:netsupport_managernetsupportsoftware netsupport managereq5.05
netsupportsoftware:netsupport_managernetsupportsoftware netsupport managereq5.30
netsupportsoftware:netsupport_managernetsupportsoftware netsupport managereq5.31
netsupportsoftware:netsupport_managernetsupportsoftware netsupport managereq6.00

CPE	Name	Operator	Version
netsupportsoftware:netsupport_manager	netsupportsoftware netsupport manager	le	11.00
netsupportsoftware:netsupport_manager	netsupportsoftware netsupport manager	eq	5.00
netsupportsoftware:netsupport_manager	netsupportsoftware netsupport manager	eq	5.01
netsupportsoftware:netsupport_manager	netsupportsoftware netsupport manager	eq	5.02
netsupportsoftware:netsupport_manager	netsupportsoftware netsupport manager	eq	5.02_f1
netsupportsoftware:netsupport_manager	netsupportsoftware netsupport manager	eq	5.03
netsupportsoftware:netsupport_manager	netsupportsoftware netsupport manager	eq	5.05
netsupportsoftware:netsupport_manager	netsupportsoftware netsupport manager	eq	5.30
netsupportsoftware:netsupport_manager	netsupportsoftware netsupport manager	eq	5.31
netsupportsoftware:netsupport_manager	netsupportsoftware netsupport manager	eq	6.00

Rows per page:

1-10 of 261

References

www.kb.cert.org/vuls/id/465239

www.netsupportsoftware.com/support/td.asp?td=634

exchange.xforce.ibmcloud.com/vulnerabilities/62984

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.0%

JSON

Related for CVE-2010-4184

prion1 nessus2 cvelist1 nvd1