The screensharing feature in the Admin application in Apple Xsan prior to 2.2 places a cleartext username and password in a URL within an error dialog, which allows physically proximate malicious users to obtain credentials by reading this dialog.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple xsan 1.0 |
||
apple xsan |
||
apple xsan 1.3 |
||
apple xsan 1.2 |