Lucene search
PRIOn knowledge basePRION:CVE-2021-29043HistoryMay 17, 2021 - 11:15 a.m.
Default credentials
2021-05-1711:15:00
PRIOn knowledge base
www.prio-n.com
4
The Portal Store module in Liferay Portal 7.0.0 through 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 does not obfuscate the S3 store’s proxy password, which allows attackers to steal the proxy password via man-in-the-middle attacks or shoulder surfing.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dxp | eq | 7.0 fixpack81 | |
| dxp | eq | 7.0 fixpack13 | |
| dxp | eq | 7.0 fixpack14 | |
| dxp | eq | 7.0 fixpack24 | |
| dxp | eq | 7.0 fixpack25 | |
| dxp | eq | 7.0 fixpack26 | |
| dxp | eq | 7.0 fixpack27 | |
| dxp | eq | 7.0 fixpack28 | |
| dxp | eq | 7.0 fixpack3 | |
| dxp | eq | 7.0 fixpack30 |
Related
veracode
veracode
Information Disclosure
2021-05-18 05:54:26
osv
osv
CVE-2021-29043
2021-05-17 11:15:07
cvelist
cvelist
CVE-2021-29043
2021-05-17 10:48:12
cve
cve
CVE-2021-29043
2021-05-17 11:15:07
nvd
nvd
CVE-2021-29043
2021-05-17 11:15:07
nessus
nessus
Liferay Portal 7.x <= 7.2.1 / 7.3 < 7.3.6 Multiple Vulnerabilities
2021-07-02 00:00:00