| |
Vulnerability CVE-2007-3581
Published: 2007-07-05 Modified: 2012-02-12
| Description: |
The Jedox Palo 1.5 client transmits the password in cleartext, which might allow remote attackers to obtain the password by sniffing the network, as demonstrated by starting Excel with the Palo plugin, opening a cube, and performing an Insert View. |
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
5/10 |
2.9/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
http://osvdb.org/45754
http://85.10.222.122/mantis/public_show_bug.php?bug_id=452
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
