Описание
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.00.010 (включая) до 5.16.063 (включая)
cpe:2.3:a:axis:device_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00138
Низкий
5.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-316
CWE-312
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices.
EPSS
Процентиль: 34%
0.00138
Низкий
5.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-316
CWE-312