Lucene search

K
cvelistRedhatCVELIST:CVE-2007-1462
HistoryMar 15, 2007 - 8:00 p.m.

CVE-2007-1462

2007-03-1520:00:00
redhat
www.cve.org

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.0%

The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a “view source” or other operation to obtain the web page. NOTE: there are limited circumstances under which such an attack is feasible.

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

62.0%

Related for CVELIST:CVE-2007-1462