Описание
authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the UserID parameter.
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 8 (включая)
cpe:2.3:a:inventivetec:mediacast:*:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00516
Низкий
5 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
почти 4 года назад
authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows remote attackers to discover usernames and cleartext passwords by reading the error messages returned for requests that use the UserID parameter.
EPSS
Процентиль: 66%
0.00516
Низкий
5 Medium
CVSS2
Дефекты
CWE-310