64 matches found
Insecure Credential Storage
typo3/cms-core is vulnerable to Insecure Credential Storage. The vulnerability is due to the persistence of database records containing insecure or empty credentials when certain changes are made to user account types in the TYPO3 backend, which allows an attacker to cause insecure or empty...
CVE-2023-37400
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677...
CVE-2023-37400
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677...
CVE-2023-37400 IBM Aspera Faspex privilege escalation
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677...
CVE-2023-37400
CVE-2023-37400 affects IBM Aspera Faspex 5.0.0–5.0.7; root cause is insecure credential storage that can enable a local user to escalate privileges. IBM PT/IBM bulletin confirms the fix is available in Faspex 5.0.8. Affected products and versions: Aspera Faspex 5.0.0–5.0.7. Remediation: upgrade t...
CVE-2023-37400 IBM Aspera Faspex privilege escalation
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677...
PT-2024-12612 · Ibm · Ibm Aspera Faspex
Name of the Vulnerable Software and Affected Versions: IBM Aspera Faspex versions 5.0.0 through 5.0.7 Description: The issue is related to insecure credential storage, which could allow a local user to escalate their privileges. Recommendations: For IBM Aspera Faspex versions 5.0.0 through 5.0.7,...
Security Bulletin: IBM Aspera Faspex is vulnerable to privilege escalation for local users.
Summary IBM Aspera Faspex has addressed a vulnerability due to insecure credential storage CVE-2023-37400 Vulnerability Details CVEID:CVE-2023-37400 DESCRIPTION: IBM Aspera Faspex could allow a local user to escalate their privileges due to insecure credential storage. CVSS Base score: 8.4 CVSS...
HCL Technologies BigFix Patch Management Security Vulnerability
HCL Technologies BigFix Patch Management is a comprehensive patch management solution from HCL Technologies, Inc. designed to help organizations effectively manage and deploy security and non-security patches for operating systems and applications. HCL Technologies BigFix Patch Management has a...
CVE-2022-38659 HCL BigFix Platform is affected by insecure credential storage
In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent...
Trojan-Dropper.Win32.Corty.10 MVID-2022-0639 Insecure Credential Storage
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/f72138e574743640bdcdb9f102dff0a5.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Dropper.Win32.Corty.10 Vulnerability: Insecure Credential Storage Description: The...
Backdoor.Win32.Guptachar.20 MVID-2022-0631 Insecure Credential Storage
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/857999d2306f257b80d1b8f6a51ae8b0.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Guptachar.20 Vulnerability: Insecure Credential Storage Description: The...
PT-2022-3158 · Emerson · Emerson Openbsi
Name of the Vulnerable Software and Affected Versions: Emerson OpenBSI versions prior to 2022-04-29 Description: The issue is related to the insecure storage of confidential information in the SecUsers.ini file, which can be exploited by a remote attacker to gain access to user credentials. The...
Backdoor.Win32.Delf.zn Insecure Credential Storage
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/9acdbfc9f7c1f6e589485b30aa91bfd2.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Delf.zn Vulnerability: Insecure Credential Storage Description: The default credentia...
Backdoor.Win32.Ptakks.XP.a Insecure Credential Storage
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/e087725b01dded75d85a20db58335fa8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Ptakks.XP.a Vulnerability: Insecure Credential Storage Description: The default...
CVE-2022-26948
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 6.9.1.0 is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks...
CVE-2022-26948
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 6.9.1.0 is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks...
Design/Logic Flaw
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 6.9.1.0 is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks...
CVE-2022-26948
The Archer RSS feed integration for Archer 6.x through 6.9 SP1 6.9.1.0 is affected by an insecure credential storage vulnerability. A malicious attacker may obtain access to credential information to use it in further attacks...
CVE-2022-26948
The CVE-2022-26948 entry affects the Archer RSS feed integration in Archer 6.x up to 6.9 SP1 (6.9.1.0). The root cause is insecure credential storage, allowing a malicious actor to access credential information and potentially use it for further attacks. The available documents do not provide spe...