exploitDog

CVE-2012-4946

Опубликовано: 18 нояб. 2012

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR format for password encryption, which makes it easier for context-dependent attackers to obtain sensitive information by reading a key file and the encrypted strings.

Ссылки

http://www.kb.cert.org/vuls/id/427547
US Government Resource
http://www.securityfocus.com/bid/56427
https://exchange.xforce.ibmcloud.com/vulnerabilities/79857
http://www.kb.cert.org/vuls/id/427547
US Government Resource
http://www.securityfocus.com/bid/56427
https://exchange.xforce.ibmcloud.com/vulnerabilities/79857

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:agilefleet:fleetcommander:*:*:*:*:*:*:*:*

Версия до 4.0 (включая)

cpe:2.3:a:agilefleet:fleetcommander_kiosk:*:*:*:*:*:*:*:*

Версия до 4.0 (включая)

EPSS

Процентиль: 80%

0.01388

Низкий

5 Medium

CVSS2

Дефекты

CWE-310

Связанные уязвимости

GHSA-56h6-fch2-ghhm

github

больше 3 лет назад

Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR format for password encryption, which makes it easier for context-dependent attackers to obtain sensitive information by reading a key file and the encrypted strings.

EPSS

Процентиль: 80%

0.01388

Низкий

5 Medium

CVSS2

Дефекты

CWE-310