Описание
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.
Ссылки
- Release Notes
Уязвимые конфигурации
Конфигурация 1Версия от 5.6 (включая) до 5.8 (исключая)
cpe:2.3:a:nintex:automation:*:*:*:*:*:*:*:*
EPSS
Процентиль: 23%
0.00076
Низкий
4.3 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-276
CWE-522
Связанные уязвимости
CVSS3: 4.3
github
11 месяцев назад
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.
EPSS
Процентиль: 23%
0.00076
Низкий
4.3 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-276
CWE-522