Design/Logic Flaw

2013-08-2503:27:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

The OSAL_Crypt_SetEncryptedPassword function in InfraStack/OSDependent/Linux/OSAL/Services/wimax_osal_crypt_services.c in the OSAL crypt module in the Intel WiMAX Network Service through 1.5.2 for Intel Wireless WiMAX Connection 2400 devices logs a cleartext password during certain attempts to set a password, which allows local users to obtain sensitive information by reading a log file.

CPENameOperatorVersion
wimax_network_servicele1.5.2
wimax_network_serviceeq1.5.0

CPE	Name	Operator	Version
	wimax_network_service	le	1.5.2
	wimax_network_service	eq	1.5.0

References

www.openwall.com/lists/oss-security/2013/08/08/17

bugzilla.redhat.com/show_bug.cgi?id=911121