Описание
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain access.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:esesix:thintune_extreme:2.4.38:*:*:*:*:*:*:*
cpe:2.3:h:esesix:thintune_l:2.4.38:*:*:*:*:*:*:*
cpe:2.3:h:esesix:thintune_m:2.4.38:*:*:*:*:*:*:*
cpe:2.3:h:esesix:thintune_mobile:2.4.38:*:*:*:*:*:*:*
cpe:2.3:h:esesix:thintune_s:2.4.38:*:*:*:*:*:*:*
cpe:2.3:h:esesix:thintune_xm:2.4.38:*:*:*:*:*:*:*
cpe:2.3:h:esesix:thintune_xs:2.4.38:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00087
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier store sensitive usernames and passwords in cleartext in configuration files for the keeper library, which allows attackers to gain access.
EPSS
Процентиль: 25%
0.00087
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other