CVE-2009-1466

Опубликовано: 14 мая 2009

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file.

Ссылки

http://securitytracker.com/id?1022204
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/503434/100/0/threaded
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/34911
Broken Link
Third Party Advisory
VDB Entry
http://www.syhunt.com/advisories/?id=aas-multiple
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/50590
Third Party Advisory
VDB Entry
http://securitytracker.com/id?1022204
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/503434/100/0/threaded
Broken Link
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/34911
Broken Link
Third Party Advisory
VDB Entry
http://www.syhunt.com/advisories/?id=aas-multiple
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/50590
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:klinzmann:application_access_server:2.0.48:*:*:*:*:*:*:*

EPSS

Процентиль: 10%

0.00035

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-pgr3-8qx7-6j82