Severity
5.0MEDIUM
EPSS
0.5%
top 35.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 9
Latest updateMay 17
Description
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
CVSS vector
AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9