Описание
An issue was discovered in AMCS Group Trux Waste Management Software before version 7.19.0018.26912, allows local attackers to obtain sensitive information via a static, hard-coded AES Key-IV pair in the TxUtilities.dll and TruxUser.cfg components.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.19.0018.26912 (исключая)
cpe:2.3:a:amcsgroup:trux_waste_management:*:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02881
Низкий
6.2 Medium
CVSS3
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 6.2
github
почти 2 года назад
An issue was discovered in AMCS Group Trux Waste Management Software before version 7.19.0018.26912, allows local attackers to obtain sensitive information via a static, hard-coded AES Key-IV pair in the TxUtilities.dll and TruxUser.cfg components.
EPSS
Процентиль: 86%
0.02881
Низкий
6.2 Medium
CVSS3
Дефекты
CWE-200