Описание
Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive information by decrypting the file. NOTE: this issue could be leveraged with a directory traversal vulnerability for a remote attack vector.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:kiwi_enterprises:kiwi_cattools:*:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00061
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive information by decrypting the file. NOTE: this issue could be leveraged with a directory traversal vulnerability for a remote attack vector.
EPSS
Процентиль: 19%
0.00061
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other