5

CVE-2005-0486

EPSS 0.52%
Published 30.03.2005 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Tarantella Secure Global Desktop Enterprise Edition 4.00 and 3.42, and Tarantella Enterprise 3 3.40 and 3.30, when using RSA SecurID and multiple users have the same username, reveals sensitive information during authentication, which allows remote attackers to identify valid usernames and the authentication scheme.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Tarantella ≫ Secure Global Desktop Versionenterprise_3.42

Tarantella ≫ Secure Global Desktop Versionenterprise_4.0

Tarantella ≫ Tarantella Enterprise Version3.30

Tarantella ≫ Tarantella Enterprise Version3.40

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.52%	0.641

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.tarantella.com/security/bulletin-11.html

Patch

Vendor Advisory

URL Repurposed

https://exchange.xforce.ibmcloud.com/vulnerabilities/19407

https://nvd.nist.gov/vuln/detail/CVE-2005-0486

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-0486

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-0486

EUVD