Credential Disclosure in CA Total Defense's Unified Network Control Server
CVE-2011-1655
Currently unrated
What is CVE-2011-1655?
The management.asmx module within the Management Web Service of CA Total Defense's Unified Network Control Server versions prior to SE2 is prone to a credential disclosure vulnerability. This flaw allows remote attackers to intercept cleartext responses from getDBConfigSettings requests, potentially exposing sensitive database credentials. Such exposure could enable attackers to execute arbitrary code on the affected vulnerable systems when they leverage these credentials, heightening the risk of unauthorized access and exploitation.