ID
VAR-201112-0220
CVE
CVE-2011-4757
TITLE
Parallels Plesk Small Business Panel Trust Management Vulnerability
Trust: 1.2
sources:
CNVD: CNVD-2011-5628 //
CNNVD: CNNVD-201112-318
DESCRIPTION
Parallels Plesk Small Business Panel 10.2.0 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as demonstrated by forms in smb/auth and certain other files. Remote attackers can bypass authentication by using unattended workstations, as evidenced by forms in smb / auth and some other documents
Trust: 2.25
sources:
NVD: CVE-2011-4757 //
JVNDB: JVNDB-2011-003444 //
CNVD: CNVD-2011-5628 //
VULMON: CVE-2011-4757
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2011-5628
AFFECTED PRODUCTS
| vendor: | parallels | model: | plesk small business panel | scope: | eq | version: | 10.2.0 | Trust: 3.0 |
sources:
CNVD: CNVD-2011-5628 //
JVNDB: JVNDB-2011-003444 //
CNNVD: CNNVD-201112-318 //
NVD: CVE-2011-4757
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2011-5628 //
VULMON: CVE-2011-4757 //
JVNDB: JVNDB-2011-003444 //
CNNVD: CNNVD-201112-318 //
NVD: CVE-2011-4757
PROBLEMTYPE DATA
| problemtype: | CWE-255 | Trust: 1.8 |
sources:
JVNDB: JVNDB-2011-003444 //
NVD: CVE-2011-4757
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201112-318
TYPE
trust management
Trust: 0.6
sources:
CNNVD: CNNVD-201112-318
CONFIGURATIONS
sources:
JVNDB: JVNDB-2011-003444
PATCH
| title: | Parallels Plesk Small Business Panel | url: | http://www.parallels.com/products/small-business-panel/documentation/ | Trust: 0.8 |
sources:
JVNDB: JVNDB-2011-003444
EXTERNAL IDS
| db: | NVD | id: | CVE-2011-4757 | Trust: 3.1 |
| db: | JVNDB | id: | JVNDB-2011-003444 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2011-5628 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-201112-318 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2011-4757 | Trust: 0.1 |
sources:
CNVD: CNVD-2011-5628 //
VULMON: CVE-2011-4757 //
JVNDB: JVNDB-2011-003444 //
CNNVD: CNNVD-201112-318 //
NVD: CVE-2011-4757
REFERENCES
| url: | http://xss.cx/examples/plesk-reports/plesk-10.2.0.html | Trust: 1.7 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4757 | Trust: 1.4 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/72209 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4757 | Trust: 0.8 |
| url: | https://cwe.mitre.org/data/definitions/255.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
CNVD: CNVD-2011-5628 //
VULMON: CVE-2011-4757 //
JVNDB: JVNDB-2011-003444 //
CNNVD: CNNVD-201112-318 //
NVD: CVE-2011-4757
SOURCES
| db: | CNVD | id: | CNVD-2011-5628 |
| db: | VULMON | id: | CVE-2011-4757 |
| db: | JVNDB | id: | JVNDB-2011-003444 |
| db: | CNNVD | id: | CNNVD-201112-318 |
| db: | NVD | id: | CVE-2011-4757 |
LAST UPDATE DATE
2025-04-11T23:02:03.691000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2011-5628 | date: | 2011-12-19T00:00:00 |
| db: | VULMON | id: | CVE-2011-4757 | date: | 2017-08-29T00:00:00 |
| db: | JVNDB | id: | JVNDB-2011-003444 | date: | 2011-12-20T00:00:00 |
| db: | CNNVD | id: | CNNVD-201112-318 | date: | 2011-12-19T00:00:00 |
| db: | NVD | id: | CVE-2011-4757 | date: | 2025-04-11T00:51:21.963 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2011-5628 | date: | 2011-12-19T00:00:00 |
| db: | VULMON | id: | CVE-2011-4757 | date: | 2011-12-16T00:00:00 |
| db: | JVNDB | id: | JVNDB-2011-003444 | date: | 2011-12-20T00:00:00 |
| db: | CNNVD | id: | CNNVD-201112-318 | date: | 2011-12-19T00:00:00 |
| db: | NVD | id: | CVE-2011-4757 | date: | 2011-12-16T11:55:11.360 |