exploitDog

GHSA-gg3v-pcgq-5p63

Опубликовано: 31 мая 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format.

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format.

Ссылки

EPSS

Процентиль: 78%

0.0119

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-319

Связанные уязвимости

CVE-2023-33730

CVSS3: 9.8

nvd

больше 2 лет назад

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format.

EPSS

Процентиль: 78%

0.0119

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-319