5

CVE-2005-0486

EPSS 0.52%
Veröffentlicht 30.03.2005 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Tarantella ≫ Secure Global Desktop Versionenterprise_3.42

Tarantella ≫ Secure Global Desktop Versionenterprise_4.0

Tarantella ≫ Tarantella Enterprise Version3.30

Tarantella ≫ Tarantella Enterprise Version3.40

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.52%	0.641

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.tarantella.com/security/bulletin-11.html

Patch

Vendor Advisory

URL Repurposed

https://exchange.xforce.ibmcloud.com/vulnerabilities/19407

https://nvd.nist.gov/vuln/detail/CVE-2005-0486

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-0486

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-0486

EUVD