CVE-2011-2221

Novell Data Synchronizer <1.2 - Auth Bypass

Title source: llm

Description

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors.

References (3)

[Vendor Advisory] http://secunia.com/advisories/45527

[Vendor Advisory] http://www.novell.com/support/viewContent.do?externalId=7009053

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/49069

Scores

EPSS 0.0044

EPSS Percentile 62.7%

Classification

CWE

CWE-264

Status draft

Affected Products (8)

novell/data_synchronizer

novell/mobility_pack

Timeline

Published Aug 09, 2011

Tracked Since Feb 18, 2026