CVE-2015-4418
N/A
N/A
Summary
Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id/1032516
- http://www.securityfocus.com/bid/75068
- https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250
References
- http://www.securitytracker.com/id/1032516
- http://www.securityfocus.com/bid/75068
- https://support.zoho.com/portal/manageengine/helpcenter/articles/vulnerability-fix-for-fails-to-restrict-access-permissions-cross-site-scripting-cross-site-request-forgery-over-build-10250
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.