Insecure Storage of User-Account Credentials in Trustwave WebDefend Enterprise

Insecure Storage of User-Account Credentials in Trustwave WebDefend Enterprise

CVE-2011-1906 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via requests to the management port, a different vulnerability than CVE-2011-0756.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.