← Voltar para CVEs
CVE-2009-5100
N/ADescricao
Pentaho BI Server 1.7.0.1062 and earlier does not set the autocomplete tag to off on web pages using a password field, which might allow physically proximate attackers to obtain the password.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado9/13/2011
Ultima modificacao4/29/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
pentaho:bi_server
Fraquezas (CWE)
CWE-200
Referencias
http://jira.pentaho.com/browse/BISERVER-2698?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel(cve@mitre.org)
http://www.securityfocus.com/archive/1/507168/100/0/threaded(cve@mitre.org)
http://antisnatchor.com/2009/06/20/pentaho-1701062-multiple-vulnerabilities/(af854a3a-2127-422b-91ae-364da2661108)
http://jira.pentaho.com/browse/BISERVER-2698?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/507168/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.