Credential Disclosure in CA Total Defense's Unified Network Control Server
CVE-2011-1655

Currently unrated

Key Information:

Vendor

Broadcom

Vendor
CVE Published:
18 April 2011

What is CVE-2011-1655?

The management.asmx module within the Management Web Service of CA Total Defense's Unified Network Control Server versions prior to SE2 is prone to a credential disclosure vulnerability. This flaw allows remote attackers to intercept cleartext responses from getDBConfigSettings requests, potentially exposing sensitive database credentials. Such exposure could enable attackers to execute arbitrary code on the affected vulnerable systems when they leverage these credentials, heightening the risk of unauthorized access and exploitation.

References

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.