Описание
BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:bindview:netinventory:1.0:*:*:*:*:*:*:*
cpe:2.3:a:bindview:netrc:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00072
Низкий
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete.
EPSS
Процентиль: 23%
0.00072
Низкий
2.1 Low
CVSS2
Дефекты
NVD-CWE-Other