CVE-2011-2759

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Directory Server
Vendor: CVE Published:; 17 July 2011

Summary

The login page of IDSWebApp in the Web Administration Tool in IBM Tivoli Directory Server (TDS) 6.2 before 6.2.0.3-TIV-ITDS-IF0004 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

References

http://www.ibm.com/support/docview.wss?uid=swg1IO14165

vendor-advisoryx_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg24030320

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/68585

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jul 17, 2011
Vulnerability Reserved
Jul 17, 2011