CVE-2011-1655

CWE-3103 documents3 sources
Severity
7.5HIGH
EPSS
9.9%
top 7.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Broadcom Total Defense
Timeline
PublishedApr 18
Latest updateMay 13

Description

The management.asmx module in the Management Web Service in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and subsequently execute arbitrary code, by sniffing the network, related to the UNCWS Web Service.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-77c5-pfr8-483w: The management2022-05-13
CVEList
CVE-2011-1655: The management2011-04-15
CVE-2011-1655 (HIGH CVSS 7.5) | The management.asmx module in the M | cvebase.io