National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:baramundi:management_suite:8.9
There are 3 matching records.
Vuln ID Summary CVSS Severity
CVE-2013-3625

An unspecified DLL file in Baramundi Management Suite 7.5 through 8.9 uses a hardcoded encryption key, which makes it easier for attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere.

Published: October 03, 2013; 07:04:43 AM -04:00
    V2: 7.8 HIGH
CVE-2013-3624

The OS deployment feature in Baramundi Management Suite 7.5 through 8.9 stores credentials in cleartext on deployed machines, which allows remote attackers to obtain sensitive information by reading a file. NOTE: this ID was also incorrectly mapped to a separate issue in Oracle Outside In, but the correct ID for that issue is CVE-2013-5763.

Published: October 03, 2013; 07:04:43 AM -04:00
    V2: 7.8 HIGH
CVE-2013-3593

Baramundi Management Suite 7.5 through 8.9 uses cleartext for (1) client-server communication and (2) data storage, which allows remote attackers to obtain sensitive information by sniffing the network, and allows context-dependent attackers to obtain sensitive information by reading a file.

Published: October 03, 2013; 07:04:43 AM -04:00
    V2: 7.8 HIGH