CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2017/03/27 12:0 a.m.•1 views

Hitek Software Automize Information Disclosure Vulnerability (CNVD-2017-05642)

5.9CVSS6.2AI score0.0027EPSS

CNVD•added 2017/03/27 12:0 a.m.•1 views

Hitek Software Automize Information Disclosure Vulnerability (CNVD-2017-05643)

8.1CVSS6.2AI score0.00159EPSS

CNVD•added 2017/03/16 12:0 a.m.•1 views

Hitek Software Automize Information Disclosure Vulnerability (CNVD-2017-03647)

Hitek Software Automize is an automation software suite from Hitek Software that increases productivity and saves time. An information disclosure vulnerability exists in Hitek Software Automize. An attacker could exploit this vulnerability to disclose sensitive information...

8.1CVSS6.1AI score0.00295EPSS

Prion•added 2017/01/23 7:59 a.m.•10 views

Information disclosure

Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for GPG Encryption profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x...

4.3CVSS6.9AI score0.00159EPSS

Prion•added 2017/01/23 7:59 a.m.•7 views

Information disclosure

Information Disclosure can occur in Hitek Software's Automize 10.x and 11.x passManager.jsd. Users have the Read attribute, which allows an attacker to recover the encrypted password to access the Password Manager...

4.3CVSS7.1AI score0.00295EPSS

NVD•added 2017/01/23 7:59 a.m.•9 views

CVE-2016-10101

8.1CVSS8AI score0.00295EPSS

Prion•added 2017/01/23 7:59 a.m.•9 views

Design/Logic Flaw

hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and...

4.3CVSS7AI score0.00082EPSS

NVD•added 2017/01/23 7:59 a.m.•9 views

CVE-2016-10102

8.1CVSS8AI score0.00082EPSS

CVE•added 2017/01/23 6:49 a.m.•32 views

CVE-2016-10101

CVE-2016-10101 affects Hitek Software Automize (10.x/11.x) via the passManager.jsd module. The vulnerability stems from information disclosure: attackers with Read access can recover the encrypted password to access the Password Manager. Documentation notes the impact as information disclosure an...

8.1CVSS7.8AI score0.00295EPSS

CVE•added 2017/01/23 6:49 a.m.•37 views

CVE-2016-10102

Vulnerability summary (CVE-2016-10102) Hitek Software’s Automize app contains a weakness in hitek.jar where SSH/SFTP and Encryption profile passwords are encrypted with weak cryptography. An attacker could retrieve the encrypted values from sshProfiles.jsd and encryptionProfiles.jsd and decrypt t...

8.1CVSS7.9AI score0.00082EPSS

Cvelist•added 2017/01/23 6:49 a.m.•13 views

CVE-2016-10104

Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to an...

5.5AI score0.0027EPSS

CVE•added 2017/01/23 6:49 a.m.•36 views

CVE-2016-10103

Affected software/product: Hitek Software Automize. Vulnerability: Information disclosure in encryptionProfiles.jsd caused by the Read attribute being set for Users, enabling recovery of encrypted passwords for GPG Encryption profiles. Root cause / affected component: Read permission on User data...

8.1CVSS7.8AI score0.00159EPSS

CVE•added 2017/01/23 6:49 a.m.•33 views

CVE-2016-10104

Affected product/component: Hitek Software Automatize; issue in the sshProfiles.jsd module. Root cause: Read attribute configured for Users enables information disclosure. Impact: attacker could recover encrypted passwords for SSH/SFTP profiles. Versions affected: 10.x up to 10.25 and 11.x up to ...

5.9CVSS5.5AI score0.0027EPSS

Cvelist•added 2017/01/23 6:49 a.m.•11 views

CVE-2016-10103

7.9AI score0.00159EPSS