exploitDog

CVE-2021-27757

Опубликовано: 04 мар. 2022

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

" Insecure password storage issue.The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information."

Ссылки

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095303
Patch
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095303
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hcltech:bigfix_insights:*:*:*:*:*:*:*:*

Версия от 10.0 (включая) до 10.0.8.0 (исключая)

EPSS

Процентиль: 36%

0.00151

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-312

Связанные уязвимости

GHSA-5975-c4rr-xpwg

CVSS3: 7.5

github

почти 4 года назад

" Insecure password storage issue.The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information."

EPSS

Процентиль: 36%

0.00151

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-312