Lucene search

K
cve[email protected]CVE-2009-2312
HistoryJul 02, 2009 - 10:30 a.m.

CVE-2009-2312

2009-07-0210:30:00
CWE-310
web.nvd.nist.gov
24
smartfilter
web gateway security
cve-2009-2312
user credentials
cleartext
insecure permissions

6.8 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.1%

SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.

Affected configurations

NVD
Node
mcafeesmartfilterMatch4.2.1.00

6.8 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

5.1%

Related for CVE-2009-2312