exploitDog

CVE-2019-3947

Опубликовано: 12 июн. 2019

Источник: nvd

CVSS3: 9.8

CVSS2: 5

EPSS Низкий

Описание

Fuji Electric V-Server before 6.0.33.0 stores database credentials in project files as plaintext. An attacker that can gain access to the project file can recover the database credentials and gain access to the database server.

Ссылки

http://www.securityfocus.com/bid/108740
https://www.tenable.com/security/research/tra-2019-27
Exploit
Third Party Advisory
http://www.securityfocus.com/bid/108740
https://www.tenable.com/security/research/tra-2019-27
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fujielectric:v-server:*:*:*:*:*:*:*:*

Версия до 6.0.33.0 (исключая)

EPSS

Процентиль: 61%

0.00415

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-522

Связанные уязвимости

GHSA-grf6-v344-mj9v

github

больше 3 лет назад

Fuji Electric V-Server before 6.0.33.0 stores database credentials in project files as plaintext. An attacker that can gain access to the project file can recover the database credentials and gain access to the database server.

EPSS

Процентиль: 61%

0.00415

Низкий

9.8 Critical

CVSS3

5 Medium

CVSS2

Дефекты

CWE-522