Novell Data Synchronizer — known CVE vulnerabilities
Every CVE whose affected-product data names Novell Data Synchronizer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2011-1711 — CVSS 5.5 (medium): Unspecified vulnerability in the Mobility Pack 1.1.2 and earlier in Novell Data Synchronizer 1.0.x, and 1.1.x through 1.1.1 build 428…
CVE-2011-2221 — CVSS 5.0 (medium): The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin…
CVE-2011-2223 — CVSS 5.0 (medium): The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which…
CVE-2011-3013 — CVSS 5.0 (medium): WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 supports weak SSL ciphers, which makes it…
CVE-2011-3014 — CVSS 5.0 (medium): The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses…
CVE-2011-2222 — CVSS 4.3 (medium): Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows…
CVE-2011-2224 — CVSS 4.3 (medium): The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not include the HTTPOnly flag in a Set-Cookie…