NVD

Id
9490  
Name
CVE-2011-2759  
Description
The login page of IDSWebApp in the Web Administration Tool in IBM Tivoli Directory Server (TDS) 6.2 before 6.2.0.3-TIV-ITDS-IF0004 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-07  
Published
2011-07-17  
Modified Date
2011-09-06  
Seq
2011-2759  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
54257 9490 CVE-2011-2759 http://www.ibm.com/support/docview.wss?crawler=1&uid=swg1IO14165  View
54258 9490 CVE-2011-2759 IO14165  View
54259 9490 CVE-2011-2759 http://www.ibm.com/support/docview.wss?uid=swg24030320  View
54260 9490 CVE-2011-2759 ibm-tds-idswebapp-info-disc(68585)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
34570 JVNDB-2011-004812 IBM TDS の IDSWebApp のログインページにおけるアクセス権を取得される脆弱性 IBM Tivoli Directory Server (TDS) の Web Administration Tool の IDSWebApp のログインページは、認証フィールドにオートコンプリートをオフに設定する属性を持たないため、アクセス権を取得される脆弱性が存在します。 CVE-2011-2759 50666 CVE-2011-2759 9490 5 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004812.html 2011-05-10 2012-03-27 View