CVE-2010-0124

Опубликовано: 15 мар. 2010

Источник: nvd

CVSS2: 2.1

EPSS Низкий

Описание

Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.

Ссылки

http://secunia.com/advisories/38739
Vendor Advisory
http://secunia.com/secunia_research/2010-12/
Vendor Advisory
http://www.osvdb.org/62830
http://www.securityfocus.com/archive/1/509996/100/0/threaded
http://www.securityfocus.com/bid/38642
https://exchange.xforce.ibmcloud.com/vulnerabilities/56800
http://secunia.com/advisories/38739
Vendor Advisory
http://secunia.com/secunia_research/2010-12/
Vendor Advisory
http://www.osvdb.org/62830
http://www.securityfocus.com/archive/1/509996/100/0/threaded
http://www.securityfocus.com/bid/38642
https://exchange.xforce.ibmcloud.com/vulnerabilities/56800

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:timeclock-software:employee_timeclock_software:0.99:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00063

Низкий

2.1 Low

CVSS2

Дефекты

CWE-255

Связанные уязвимости

GHSA-42m2-ww59-87vv

github

почти 4 года назад