CVE Vulnerabilities

CVE-2011-4736

Published: Dec 16, 2011 | Modified: Apr 22, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 receives cleartext password input over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by forms in login_up.php3 and certain other files.

Affected Software

Name Vendor Start Version End Version
Parallels_plesk_panel Parallels 10.2.0_build20110407.20 (including) 10.2.0_build20110407.20 (including)

References