Lucene search

[email protected]CVE-2010-3245

HistoryOct 03, 2022 - 4:20 p.m.

CVE-2010-3245

2022-10-0316:20:55

CWE-200

[email protected]

web.nvd.nist.gov

cve-2010-3245

blackboard

transact suite

automated-backup

security

vulnerability

nvd

cleartext

sensitive information

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite) stores the (1) database username and (2) database password in cleartext in (a) script and (b) batch (.bat) files, which allows local users to obtain sensitive information by reading a file.

Affected configurations

NVD

Node

blackboardtransact_suiteMatch-

CPENameOperatorVersion
blackboard:transact_suiteblackboard transact suiteeq-

CPE	Name	Operator	Version
blackboard:transact_suite	blackboard transact suite	eq	-

References

www.kb.cert.org/vuls/id/204055

www.kb.cert.org/vuls/id/MAPG-86YPVM

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for CVE-2010-3245

prion1 cvelist1 nvd1