CVE-2009-2201

The screensharing feature in the Admin application in Apple Xsan before 2.2 places a cleartext username and password in a URL within an error dialog, which allows physically proximate attackers to obtain credentials by reading this dialog.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:xsan:1.0:*:*:*:*:*:*:*
cpe:2.3:a:apple:xsan:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:xsan:1.3:*:*:*:*:*:*:*
cpe:2.3:a:apple:xsan:1.2:*:*:*:*:*:*:*

Information

Published : 2009-09-15 15:30

Updated : 2017-08-16 18:30


NVD link : CVE-2009-2201

Mitre link : CVE-2009-2201


JSON object : View

CWE
CWE-310

Cryptographic Issues

Advertisement

dedicated server usa

Products Affected

apple

  • xsan