Описание
The Cisco Security Monitoring, Analysis and Response System (CS-MARS) 6.0.4 and earlier stores cleartext passwords in log/sysbacktrace.## files within error-logs.tar.gz archives, which allows context-dependent attackers to obtain sensitive information by reading these files.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.0.4 (включая)
Одно из
cpe:2.3:h:cisco:cs-mars:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:cs-mars:4.1:*:*:*:*:*:*:*
cpe:2.3:h:cisco:cs-mars:4.1.2:*:*:*:*:*:*:*
cpe:2.3:h:cisco:cs-mars:4.1.3:*:*:*:*:*:*:*
cpe:2.3:h:cisco:cs-mars:4.1.5:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00167
Низкий
3.3 Low
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
почти 4 года назад
The Cisco Security Monitoring, Analysis and Response System (CS-MARS) 6.0.4 and earlier stores cleartext passwords in log/sysbacktrace.## files within error-logs.tar.gz archives, which allows context-dependent attackers to obtain sensitive information by reading these files.
EPSS
Процентиль: 38%
0.00167
Низкий
3.3 Low
CVSS2
Дефекты
CWE-310