Vulnerabilities > Apple > Apple Remote Desktop > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-24 | CVE-2013-5136 | Information Exposure vulnerability in Apple Remote Desktop Apple Remote Desktop before 3.7 does not properly use server authentication-type information during decisions about whether to present an unencrypted-connection warning message, which allows remote attackers to obtain sensitive information in opportunistic circumstances by sniffing the network during an unintended cleartext VNC session. | 4.3 |
| 2012-08-22 | CVE-2012-0681 | Cryptographic Issues vulnerability in Apple Remote Desktop 3.5.2/3.5.3/3.6.0 Apple Remote Desktop before 3.6.1 does not recognize the "Encrypt all network data" setting during connections to third-party VNC servers, which allows remote attackers to obtain cleartext VNC session content by sniffing the network. | 4.3 |