CVE-2007-3581
First published: Thu Jul 05 2007(Updated: )
The Jedox Palo 1.5 client transmits the password in cleartext, which might allow remote attackers to obtain the password by sniffing the network, as demonstrated by starting Excel with the Palo plugin, opening a cube, and performing an Insert View.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jedox Palo | =1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2007-3581?
CVE-2007-3581 is classified as a medium severity vulnerability due to the potential for remote password exposure.
How do I fix CVE-2007-3581?
To fix CVE-2007-3581, upgrade to a version of Jedox Palo that securely encrypts passwords during transmission.
Who is affected by CVE-2007-3581?
Users of the Jedox Palo 1.5 client are affected by CVE-2007-3581 because it transmits passwords in cleartext.
What is the impact of exploiting CVE-2007-3581?
Exploiting CVE-2007-3581 could allow an attacker to capture user passwords through network sniffing.
Is CVE-2007-3581 specific to any operating system?
CVE-2007-3581 is not specific to any operating system; it affects the Jedox Palo client regardless of the OS used.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- vendor/jedox
- canonical/jedox palo
- version/jedox palo/1.5