CVE-2010-3122
Published Aug 25, 2010
Last updated 14 years ago
Overview
- Description
- The DevonIT thin-client management tool relies on a shared secret for authentication but transmits the secret in cleartext, which makes it easier for remote attackers to discover the secret value, and consequently obtain administrative control over client machines, by sniffing the network.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-255
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:devonit:thin-client_management_tool:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5DEE171-8B23-4815-8E4E-8BBCB39AE66F"
}
],
"operator": "OR"
}
]
}
]