CVE-2012-2964 Information

Description

The BreakingPoint Storm appliance before 3.0 requires cleartext credentials for establishing a session from a GUI administrative client which allows remote attackers to obtain sensitive information by sniffing the network for XML documents.

Reference

http://www.kb.cert.org/vuls/id/520430 http://www.kb.cert.org/vuls/id/MAPG-8GANCC http://www.secureworks.com/research/advisories/SWRX-2012-006/