First published: Tue Sep 15 2009(Updated: )
The screensharing feature in the Admin application in Apple Xsan before 2.2 places a cleartext username and password in a URL within an error dialog, which allows physically proximate attackers to obtain credentials by reading this dialog.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Xsan | =1.2 | |
Apple Xsan | =1.3 | |
Apple Xsan | <=2.1.1 | |
Apple Xsan | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.