CVE-2011-0718 - OpenCVE

Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay after a failed login attempt, which makes it easier for remote attackers to conduct brute force password guessing attacks.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Network Satellite Server

Configuration 1 [-]

cpe:2.3:a:redhat:network_satellite_server:5.4:*:*:*:*:*:*:*

References

Link	Resource
http://secunia.com/advisories/43487	Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-0300.html
http://www.securityfocus.com/bid/46528
http://www.securitytracker.com/id?1025116
http://www.vupen.com/english/advisories/2011/0491	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=672159
https://exchange.xforce.ibmcloud.com/vulnerabilities/65657

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2011-02-25T18:00:00

Updated: 2017-08-16T14:57:01

Reserved: 2011-01-31T00:00:00

Link: CVE-2011-0718

JSON object: View

NVD Information

Status : Modified

Published: 2011-02-25T19:00:01.243

Modified: 2017-08-17T01:33:42.260

Link: CVE-2011-0718

JSON object: View

Redhat Information

No data.

CWE

CWE-287

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:network_satellite_server:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "4C97A99B-1303-4B2B-8B06-799837D66A57", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Red Hat Network (RHN) Satellite Server 5.4 does not use a time delay after a failed login attempt, which makes it easier for remote attackers to conduct brute force password guessing attacks."}, {"lang": "es", "value": "Red Hat Network (RHN) Satellite Server v5.4 no utiliza un intervalo de tiempo despu\u00e9s de un intento de login fallido, lo que facilita a los atacantes remotos realizar ataques de contrase\u00f1a por fuerza bruta."}], "id": "CVE-2011-0718", "lastModified": "2017-08-17T01:33:42.260", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-02-25T19:00:01.243", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/43487"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2011-0300.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/46528"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1025116"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2011/0491"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=672159"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65657"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}