CVE-2013-4091

2013-06-28T23:55:00
ID CVE-2013-4091
Type cve
Reporter cve@mitre.org
Modified 2013-07-01T16:38:00

Description

The SecureSphere Operations Manager (SOM) Management Server in Imperva SecureSphere 9.0.0.5 does not have an off autocomplete attribute for the password (aka j_password) field on the secsphLogin.jsp login page, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.