CVE-2011-3014
Summary
| CVE | CVE-2011-3014 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2011-08-09 22:55:01 UTC |
| Updated | 2026-04-29 01:13:23 UTC |
| Description | The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
LowAuthentication
NoneConfidentiality
PartialIntegrity
NoneAvailability
NoneAV:N/AC:L/Au:N/C:P/I:N/A:N
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Novell | Data Synchronizer | 1.0.0 | All | All | All |
| Application | Novell | Data Synchronizer | 1.1.0 | All | All | All |
| Application | Novell | Data Synchronizer | 1.1.1 | All | All | All |
| Application | Novell | Data Synchronizer | 1.1.2 | All | All | All |
| Application | Novell | Mobility Pack | 1.0 | All | All | All |
| Application | Novell | Mobility Pack | 1.1 | All | All | All |
| Application | Novell | Mobility Pack | 1.1.1 | All | All | All |
| Application | Novell | Mobility Pack | 1.1.2 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| Cacheable HTTPS Response | af854a3a-2127-422b-91ae-364da2661108 | www.novell.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.