Описание
ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:scarybear:pocketexpense_pro:3.9.1:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00177
Низкий
3.6 Low
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
ScaryBear PocketExpense Pro 3.9.1 uses an internally recorded key to protect a data file whose contents are stored in plaintext, which allows local users to disable authentication and access the file by modifying a certain value in the file header.
EPSS
Процентиль: 39%
0.00177
Низкий
3.6 Low
CVSS2
Дефекты
NVD-CWE-Other