Authentication Bypass Vulnerability in Parallels Plesk Small Business Panel
CVE-2011-4757

Currently unrated

Key Information:

Vendor: Parallels
Status: Parallels Plesk Small Business Panel
Vendor: CVE Published:; 16 December 2011

What is CVE-2011-4757?

The Parallels Plesk Small Business Panel version 10.2.0 is affected by a vulnerability that allows attackers to bypass authentication mechanisms. This issue arises from the generation of password fields without the disabling of the autocomplete feature, creating potential security risks in environments where workstations are left unattended. Attackers may exploit this flaw to access sensitive information by manipulating specific forms, such as those found in smb/auth and others.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/72209

vdb-entryx_refsource_XF

http://xss.cx/examples/plesk-reports/plesk-10.2.0.html

x_refsource_MISC

Timeline

Vulnerability published
Dec 16, 2011
Vulnerability Reserved
Dec 11, 2011