Описание
NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. The use of weak authentication transmitted over cleartext protocols can allow an attacker to steal username and password combinations by intercepting authentication traffic in transit.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 65.0.0 (включая)
cpe:2.3:a:netsas:enigma_network_management_solution:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00153
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-319
Связанные уязвимости
github
около 3 лет назад
NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. The use of weak authentication transmitted over cleartext protocols can allow an attacker to steal username and password combinations by intercepting authentication traffic in transit.
EPSS
Процентиль: 37%
0.00153
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-319