Mobility Pack@1.1.2 Security Vulnerabilities and Issues — Mobility Pack@1.1.2 CVE List

Lucene search

NovellMobility Pack1.1.2

5 matches found

CVE•added 2011/08/09 10:55 p.m.•81 views

CVE-2011-3013

WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 supports weak SSL ciphers, which makes it easier for remote attackers to obtain access via a brute-force attack.

5CVSS6.7AI score0.0072EPSS

CVE•added 2011/08/09 10:55 p.m.•48 views

CVE-2011-2222

Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors.

4.3CVSS6.8AI score0.00575EPSS

CVE•added 2011/08/09 10:55 p.m.•41 views

CVE-2011-2223

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

5CVSS6.5AI score0.00742EPSS

CVE•added 2011/08/09 10:55 p.m.•40 views

CVE-2011-3014

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation.

5CVSS6.3AI score0.00503EPSS

CVE•added 2011/08/09 10:55 p.m.•38 views

CVE-2011-2221

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors.

5CVSS6.8AI score0.00512EPSS