PT-2000-1523 · Sawmill · Sawmill
Publicado
2000-06-26
·
Atualizado
2013-07-30
·
CVE-2000-0589
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
SawMill version 5.0.21
Description
The issue allows attackers to easily decrypt passwords stored by SawMill due to the use of weak encryption. This enables attackers to modify the SawMill configuration.
Recommendations
For SawMill version 5.0.21, consider updating the password storage mechanism to use strong encryption to prevent easy decryption by attackers. As a temporary workaround, restrict access to the SawMill configuration to minimize the risk of exploitation.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sawmill