Hiagomoura

**Name of the Vulnerable Software and Affected Versions** Intergard SGS version 8.7.0 **Description** A critical issue was found, affecting an unknown function and leading to permission issues. The manipulation can be launched remotely. The issue has been disclosed publicly and may be used for attacks. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Intergard SGS version 8.7.0, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Intergard SGS version 8.7.0 **Description** A vulnerability has been found in the Change Password Handler component, which can be exploited to cause a denial of service. The attack can be launched remotely. The vendor was contacted about this disclosure but did not respond. **Recommendations** For Intergard SGS version 8.7.0, consider disabling the Change Password Handler component until a patch is available to prevent potential denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intergard SGS version 8.7.0 **Description** A vulnerability was found in Intergard SGS, which has been classified as problematic. This issue affects an unknown part of the system and leads to cleartext storage of sensitive information in memory. The manipulation can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For Intergard SGS version 8.7.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intergard SGS version 8.7.0 **Description** A vulnerability was found in the Password Change Handler component, leading to cleartext transmission of sensitive information. The attack can be launched remotely, with a rather high complexity and difficult exploitation. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. **Recommendations** For Intergard SGS version 8.7.0, consider disabling the Password Change Handler component until a patch is available to prevent cleartext transmission of sensitive information. Restrict access to the Password Change Handler functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Intergard SGS version 8.7.0 **Description** The issue is related to the transmission of sensitive information in cleartext due to a vulnerability in the SQL Query Handler component. This can be exploited remotely, potentially allowing an attacker to disclose protected information. The complexity of the attack is considered high, and the exploitation appears to be difficult. **Recommendations** For Intergard SGS version 8.7.0, consider restricting access to the SQL Query Handler component until a fix is available. As a temporary workaround, avoid using the SQL Query Handler for sensitive information transmission. At the moment, there is no information about a newer version that contains a fix for this vulnerability.