Back to search
CVE-2009-2272
Published: Jul 1, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The Huawei D100 stores the administrator's account name and password in cleartext in a cookie, which allows context-dependent attackers to obtain sensitive information by (1) reading a cookie file, by (2) sniffing the network for HTTP headers, and possibly by using unspecified other vectors.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20090630 Multiple Flaws in Huawei D100
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now