4 matches found
CVE-2016-10103
Affected software/product: Hitek Software Automize. Vulnerability: Information disclosure in encryptionProfiles.jsd caused by the Read attribute being set for Users, enabling recovery of encrypted passwords for GPG Encryption profiles. Root cause / affected component: Read permission on User data...
CVE-2016-10102
Vulnerability summary (CVE-2016-10102) Hitek Software’s Automize app contains a weakness in hitek.jar where SSH/SFTP and Encryption profile passwords are encrypted with weak cryptography. An attacker could retrieve the encrypted values from sshProfiles.jsd and encryptionProfiles.jsd and decrypt t...
CVE-2016-10101
CVE-2016-10101 affects Hitek Software Automize (10.x/11.x) via the passManager.jsd module. The vulnerability stems from information disclosure: attackers with Read access can recover the encrypted password to access the Password Manager. Documentation notes the impact as information disclosure an...
CVE-2016-10104
Affected product/component: Hitek Software Automatize; issue in the sshProfiles.jsd module. Root cause: Read attribute configured for Users enables information disclosure. Impact: attacker could recover encrypted passwords for SSH/SFTP profiles. Versions affected: 10.x up to 10.25 and 11.x up to ...