Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Tomedo Server 1.7.3 Information Disclosure / Weak Cryptography

🗓️ 16 Oct 2019 00:00:00Reported by Chris HeinType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 175 Views

Tomedo Server 1.7.3 Information Disclosure & Weak Cryptography CVE-2019-1739

Related
Code
ReporterTitlePublishedViews
Family
Circl		CVE-2019-17393
17 Jan 202409:41
circl
CVE		CVE-2019-17393
18 Oct 201916:04
cve
Cvelist		CVE-2019-17393
18 Oct 201916:04
cvelist
EUVD		EUVD-2019-7797
7 Oct 202500:30
euvd
NVD		CVE-2019-17393
18 Oct 201917:15
nvd
OSV		CVE-2019-17393
18 Oct 201917:15
osv
Prion		Authentication flaw
18 Oct 201917:15
prion
RedhatCVE		CVE-2019-17393
22 May 202508:20
redhatcve
`Affected software: Tomedo Server 1.7.3  
Vulnerability type: Cleartext Transmission of Sensitive Information & Weak Cryptography for Passwords  
Vulnerable version: Tomedo Server 1.7.3  
Vulnerable component: Customer Tomedo Server that communicates with Vendor Tomedo Update Server  
Vendor report confidence: Confirmed  
Fixed version: Version later then 1.7.3  
Vendor notification: 20/09/19  
Solution date: 25/09/19  
CVE reference: CVE-2019-17393  
CVSS Score: 3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N   
Credits: Chris Hein, ProSec GmbH  
Communication Timeline:   
20th September 2019 Initial contact - no response  
25th September second contact attempt  
28th September Vendor responded and released an update  
14th October fulldisclosure   
  
Vulnerability Details:  
The Customer’s Tomedo Server in Version 1.7.3 communicates to the Vendor Tomedo Server via HTTP (in cleartext) that can be sniffed by unauthorized actors.  
Basic authentication is used for the authentication what’s makes it possible to base64 decode the sniffed credentials and get hold of the username and password.  
  
Proof of concept:  
Capture the traffic between the Tomedo servers via a proxy or a MITM attack and base64 decode the credentials from the HTTP GET request.  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
16 Oct 2019 00:00Current
9.7High risk
Vulners AI Score9.7
EPSS0.00198
tomedo serverinformation disclosureweak cryptographycve-2019-17393cleartext transmissionvulnerabilityhttpbase64 decodevendor notificationmitm attack
175