Описание
Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mozilla:bugzilla:2.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00527
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
около 24 лет назад
Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.
github
больше 3 лет назад
Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.
EPSS
Процентиль: 66%
0.00527
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other