Lucene search
K
NovellData Synchronizer

7 matches found

CVE
CVE
added 2011/08/09 10:0 p.m.95 views

CVE-2011-3013

The CVE-2011-3013 entry affects WebAdmin in Mobility Pack before 1.2 within Novell Data Synchronizer 1.x up to 1.1.2 build 428. The underlying issue is the use of weak SSL ciphers, enabling a remote attacker to potentially gain access via brute-force attempts. Documented impact is partial confide...

5CVSS6.7AI score0.01188EPSS
CVE
CVE
added 2011/08/09 10:0 p.m.62 views

CVE-2011-2222

CVE-2011-2222 describes a session fixation vulnerability in WebAdmin of the Mobility Pack before 1.2, within Novell Data Synchronizer 1.x up to 1.1.2 build 428. The issue allows remote attackers to hijack web sessions via unspecified vectors. Affected component: WebAdmin/ Mobility Pack integratio...

4.3CVSS6.8AI score0.01182EPSS
CVE
CVE
added 2011/06/07 7:0 p.m.58 views

CVE-2011-1711

CVE-2011-1711 affects Novell Mobility Pack 1.1.2 and earlier, and Novell Data Synchronizer 1.0.x and 1.1.x up to 1.1.1 build 428. The description indicates an unspecified vulnerability where remote authenticated users can access other accounts via unknown vectors. Connected sources confirm affect...

5.5CVSS6.4AI score0.01276EPSS
CVE
CVE
added 2011/08/09 10:0 p.m.52 views

CVE-2011-2223

CVE-2011-2223 affects Novell Data Synchronizer 1.x with Mobility Pack prior to 1.2 (Mobility Pack before 1.2 in Data Synchronizer 1.x through 1.1.2 build 428). The underlying issue is that the Admin LDAP password is transmitted in cleartext over the network, allowing remote attackers to sniff and...

5CVSS6.5AI score0.01371EPSS
CVE
CVE
added 2011/08/09 10:0 p.m.51 views

CVE-2011-3014

The CVE-2011-3014 entry describes a vulnerability in Mobility Pack prior to 1.2 within Novell Data Synchronizer 1.x up to 1.1.2 build 428. The issue is failing to properly restrict caching of HTTPS responses, which could allow remote attackers to obtain sensitive information by leveraging an unat...

5CVSS6.3AI score0.01188EPSS
CVE
CVE
added 2011/08/09 10:0 p.m.50 views

CVE-2011-2221

The CVE-2011-2221 entry concerns the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428. The vulnerability allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors. The issue is documented in the NVD...

5CVSS6.8AI score0.01351EPSS
CVE
CVE
added 2011/08/09 10:0 p.m.46 views

CVE-2011-2224

CVE-2011-2224 – Normal mode Affected product: Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428. Vulnerability: Missing HTTPOnly flag in a Set-Cookie header, which can enable cross-site scripting (XSS) via unspecified vectors. Impact: Remote XSS potential as describ...

4.3CVSS5.8AI score0.01163EPSS