2 matches found
CVE-2020-1669
CVE-2020-1669 affects Juniper Networks Junos OS on NFX350 devices via the JDM container that stores password hashes in the world-readable /etc/passwd. Root cause: password hashes are readable by local attackers. Impact: local access could enable brute-force decryption of hashes, with confidential...
Improper access control
PHP Upload Center stores password hashes under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for the upload/users/USERNAME file...