CVE-2009-2312

2009-07-0210:00:00

mitre

www.cve.org

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.

References

archives.neohapsis.com/archives/fulldisclosure/2009-03/0314.html

secunia.com/advisories/34390

exchange.xforce.ibmcloud.com/vulnerabilities/49338