4 matches found
CVE-2024-45744 TopQuadrant TopBraid EDG password manager stores external credentials insecurely
TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with file system access can read edg-setup.properites and obtain the secret to decrypt external passwords stored in edg-vault.properties. An authenticated attacker could gain file system access using a...
CVE-2024-45744 TopQuadrant TopBraid EDG password manager stores external credentials insecurely
TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with file system access can read edg-setup.properites and obtain the secret to decrypt external passwords stored in edg-vault.properties. An authenticated attacker could gain file system access using a...
CVE-2024-45744
TopQuadrant TopBraid EDG stores external credentials in edg-vault.properties and reads secrets from edg-setup.properties, enabling an authenticated attacker with file-system access to decrypt external passwords. Affected from at least v7.1.3; attacker access may be gained via another vulnerabilit...
TopQuadrant TopBraid EDG Insecure External Password Storage and XXE Vulnerabilities
RISK EVALUATION TopQuadrant TopBraid EDG stores credentials for external services insecurely and processes untrusted XML entities. An authenticated attacker could obtain credentials for remote services, read local files, or access URLs. 2. RECOMMENDED PRACTICES Upgrade to TopQuadrant TopBraid...