Lucene search

[email protected]NVD:CVE-2006-4642

HistorySep 08, 2006 - 9:04 p.m.

CVE-2006-4642

2006-09-0821:04:00

[email protected]

web.nvd.nist.gov

CVSS2

1.7

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

Percentile

5.1%

JSON

AuditWizard 6.3.2, when using “Remote Audit,” logs the administrator password in plaintext to LaytonCmdSvc.log, which allows local users to obtain sensitive information by reading the file.

Affected configurations

Nvd

Node

auditwizardauditwizardMatch6.3.2

VendorProductVersionCPE
auditwizardauditwizard6.3.2cpe:2.3:a:auditwizard:auditwizard:6.3.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
auditwizard	auditwizard	6.3.2	cpe:2.3:a:auditwizard:auditwizard:6.3.2:::::::*

References

secunia.com/advisories/21773

securityreason.com/securityalert/1525

securitytracker.com/id?1016795

www.securityfocus.com/archive/1/445220/100/0/threaded

www.securityfocus.com/bid/19860

www.vupen.com/english/advisories/2006/3498

exchange.xforce.ibmcloud.com/vulnerabilities/28743

CVSS2

1.7

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2006-4642

cvelist1 cve1