Описание
Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ignitum:sera:1.2:*:*:*:*:iphone_os:*:*
cpe:2.3:a:ignitum:sera:1.2:*:*:*:*:mac_os_x:*:*
EPSS
Процентиль: 49%
0.00256
Низкий
7.8 High
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-522
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks.
EPSS
Процентиль: 49%
0.00256
Низкий
7.8 High
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-522