Obfuscated Password Vulnerability in VMware vFabric tc Server

Obfuscated Password Vulnerability in VMware vFabric tc Server

CVE-2011-0527 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

VMware vFabric tc Server (aka SpringSource tc Server) 2.0.x before 2.0.6.RELEASE and 2.1.x before 2.1.2.RELEASE accepts obfuscated passwords during JMX authentication, which makes it easier for context-dependent attackers to obtain access by leveraging an ability to read stored passwords.

Learn more about our Cis Benchmark Audit For Server Software.