exploitDog

CVE-2020-13473

Опубликовано: 28 дек. 2020

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file.

Ссылки

https://cvewalkthrough.com/cve-2020-13473-nch-account-clear-text-password-storage/
Exploit
Third Party Advisory
https://tejaspingulkar.blogspot.com/2020/12/cve-2020-13473-nch-account-clear-text.html
Exploit
Third Party Advisory
https://cvewalkthrough.com/cve-2020-13473-nch-account-clear-text-password-storage/
Exploit
Third Party Advisory
https://tejaspingulkar.blogspot.com/2020/12/cve-2020-13473-nch-account-clear-text.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:nchsoftware:express_accounts:*:*:*:*:*:*:*:*

Версия до 8.24 (включая)

EPSS

Процентиль: 8%

0.00029

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-4328-wgfc-675c

github

больше 3 лет назад

NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file.

EPSS

Процентиль: 8%

0.00029

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-312