CVE-2014-9252
CVE-2014-9252 affects Zenoss Core through 5 Beta 3, where cleartext passwords are stored in the session database. The underlying issue is plaintext password storage in the server-side session store, potentially allowing local users to read sensitive credentials by inspecting database entries. No ...