Описание
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-0103
- https://bugzilla.redhat.com/show_bug.cgi?id=1073618
- http://advisories.mageia.org/MGASA-2014-0380.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-July/136033.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-July/136044.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:182
- http://www.securityfocus.com/bid/68247
EPSS
Процентиль: 23%
0.00075
Низкий
CVE ID
Связанные уязвимости
nvd
больше 11 лет назад
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credentials in cleartext, which allows local Apache users to obtain sensitive information by reading the PHP session files.
debian
больше 11 лет назад
WebAccess in Zarafa before 7.1.10 and WebApp before 1.6 stores credent ...
EPSS
Процентиль: 23%
0.00075
Низкий