CVE-2010-3244

Name of the Vulnerable Software and Affected Versions Blackboard Transact Suite versions prior to 3.6.0.2

Description The issue allows local users to discover the database password by modifying the connection.xml file. This is due to BbtsConnection Edit.exe relying on field names when determining whether to decrypt a connection.xml field value.

Recommendations For versions prior to 3.6.0.2, update to version 3.6.0.2 or later to resolve the issue.