CVE-2011-4736
First published: Fri Dec 16 2011(Updated: )
The Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 receives cleartext password input over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by forms in login_up.php3 and certain other files.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Plesk | =10.2.0_build20110407.20 | |
| Microsoft Windows | ||
| Red Hat Enterprise Linux | =6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-4736?
CVE-2011-4736 is considered a medium severity vulnerability due to the risk of sensitive information exposure.
How do I fix CVE-2011-4736?
To fix CVE-2011-4736, implement HTTPS to encrypt data transmitted over the network.
Who is affected by CVE-2011-4736?
CVE-2011-4736 affects users of Parallels Plesk Panel version 10.2.0 build 20110407.20.
What kind of attacks can exploit CVE-2011-4736?
CVE-2011-4736 can be exploited through network sniffing attacks to capture cleartext passwords.
When was CVE-2011-4736 reported?
CVE-2011-4736 was reported in 2011, specifically in version 10.2.0 build 20110407.20 of Parallels Plesk Panel.
- collector/nvd-historical
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/parallels
- canonical/plesk
- version/plesk/10.2.0_build20110407.20
- vendor/microsoft
- canonical/microsoft windows
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/6.0