Lucene search
MitreCVE-2011-2151HistoryMay 20, 2011 - 10:55 p.m.
CVE-2011-2151
2011-05-2022:55:05
CWE-310
mitre
web.nvd.nist.gov
26
cve
2011
2151
cleartext password
vulnerability
smartertools
smarterstats 6.0
web server
remote attack
sensitive information
network sniffing
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
69.3%
The (1) Admin/frmEmailReportSettings.aspx, (2) Admin/frmGeneralSettings.aspx, (3) Admin/frmSite.aspx, (4) Client/frmUser.aspx, and (5) Login.aspx components in the SmarterTools SmarterStats 6.0 web server accept cleartext passwords, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
Affected configurations
Node
smartertoolssmarterstatsMatch6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| smartertools | smarterstats | 6.0 | cpe:2.3:a:smartertools:smarterstats:6.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2011-2151
2011-05-20 22:00:00
nvd
nvd
CVE-2011-2151
2011-05-20 22:55:05
prion
prion
Design/Logic Flaw
2011-05-20 22:55:00
openvas
openvas
SmarterMail Multiple Vulnerabilities (May 2011)
2011-06-01 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.3
Confidence
Low
EPSS
0.003
Percentile
69.3%
Related for CVE-2011-2151