CVE-2019-6499

Опубликовано: 21 янв. 2019

Источник: nvd

CVSS3: 8.1

CVSS2: 9.3

EPSS Низкий

Описание

Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcoded password of TDv1i2e3w4 for the viewpoint database account (in viewpoint-portal\conf\server.xml) that could potentially be exploited by malicious users to compromise the affected system.

Ссылки

https://github.com/inf0seq/inf0seq.github.io/blob/master/_posts/2019-01-20-Teradata%20Viewpoint%20Hardcoded%20Password%20Vulnerability.md
Third Party Advisory
https://inf0seq.github.io/cve/2019/01/20/Teradata-Viewpoint-Hardcoded-Password-Vulnerability.html
Third Party Advisory
https://github.com/inf0seq/inf0seq.github.io/blob/master/_posts/2019-01-20-Teradata%20Viewpoint%20Hardcoded%20Password%20Vulnerability.md
Third Party Advisory
https://inf0seq.github.io/cve/2019/01/20/Teradata-Viewpoint-Hardcoded-Password-Vulnerability.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:teradata:viewpoint:*:*:*:*:*:*:*:*

Версия до 14.0 (исключая)

cpe:2.3:a:teradata:viewpoint:16.20.00.02-b80:*:*:*:*:*:*:*

EPSS

Процентиль: 53%

0.00299

Низкий

8.1 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-798

Связанные уязвимости

GHSA-jpm6-hpj8-49xp