exploitDog

CVE-2022-40295

Опубликовано: 31 окт. 2022

Источник: nvd

CVSS3: 4.9

EPSS Низкий

Описание

The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks.

Ссылки

https://www.themissinglink.com.au/security-advisories/cve-2022-40295
Third Party Advisory
https://www.themissinglink.com.au/security-advisories/cve-2022-40295
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phppointofsale:php_point_of_sale:19.0:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00139

Низкий

4.9 Medium

CVSS3

Дефекты

CWE-916

CWE-311

Связанные уязвимости

GHSA-q484-cvj5-x4fv

CVSS3: 4.9

github

больше 3 лет назад

The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks.

EPSS

Процентиль: 35%

0.00139

Низкий

4.9 Medium

CVSS3

Дефекты

CWE-916

CWE-311