CVE-2006-4642

2006-09-0821:00:00

mitre

www.cve.org

AI Score

5.9

Confidence

Low

EPSS

Percentile

5.1%

JSON

AuditWizard 6.3.2, when using “Remote Audit,” logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file.

References

secunia.com/advisories/21773

securityreason.com/securityalert/1525

securitytracker.com/id?1016795

www.securityfocus.com/archive/1/445220/100/0/threaded

www.securityfocus.com/bid/19860

www.vupen.com/english/advisories/2006/3498

exchange.xforce.ibmcloud.com/vulnerabilities/28743