exploitDog

GHSA-cv28-q863-gmxm

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert Web Server Enterprise 9.4 has weak permissions (BUILTIN\Users:(ID)C), which allows local users to set a cleartext password and login as admin.

\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert Web Server Enterprise 9.4 has weak permissions (BUILTIN\Users:(ID)C), which allows local users to set a cleartext password and login as admin.

Ссылки

EPSS

Процентиль: 26%

0.0009

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-732

Связанные уязвимости

CVE-2018-7581

CVSS3: 7.8

nvd

почти 8 лет назад

\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert Web Server Enterprise 9.4 has weak permissions (BUILTIN\Users:(ID)C), which allows local users to set a cleartext password and login as admin.

EPSS

Процентиль: 26%

0.0009

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-732