Lucene search

K
cve[email protected]CVE-2010-3245
HistoryOct 03, 2022 - 4:20 p.m.

CVE-2010-3245

2022-10-0316:20:55
CWE-200
web.nvd.nist.gov
18
cve-2010-3245
blackboard
transact suite
automated-backup
security
vulnerability
nvd
cleartext
sensitive information

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6

Confidence

Low

EPSS

0

Percentile

0.4%

The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite) stores the (1) database username and (2) database password in cleartext in (a) script and (b) batch (.bat) files, which allows local users to obtain sensitive information by reading a file.

Affected configurations

NVD
Node
blackboardtransact_suiteMatch-
VendorProductVersionCPE
blackboardtransact_suite-cpe:/a:blackboard:transact_suite:-:::

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

AI Score

6

Confidence

Low

EPSS

0

Percentile

0.4%

Related for CVE-2010-3245