A vulnerability based on insecure user/password encryption in the JOE (job editor) component of SOS JobScheduler 1.12 and 1.13 allows attackers to decrypt the user/password that is optionally stored with a user’s profile.
CPE | Name | Operator | Version |
---|---|---|---|
jobscheduler | ge | 1.12.0 | |
jobscheduler | le | 1.12.12 | |
jobscheduler | ge | 1.13.0 | |
jobscheduler | le | 1.13.3 |