VYPR
Unrated severityNVD Advisory· Published Sep 20, 2011· Updated Jun 16, 2026

CVE-2011-1509

CVE-2011-1509

Description

The encryptPassword function in Login.js in ManageEngine ServiceDesk Plus (SDP) 8012 and earlier uses a Caesar cipher for encryption of passwords in cookies, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:manageengine:servicedesk_plus:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:manageengine:servicedesk_plus:*:*:*:*:*:*:*:*range: <=8012
    • cpe:2.3:a:manageengine:servicedesk_plus:8.0:*:*:*:*:*:*:*
    • (no CPE)range: <=8012

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.