PT-2010-4681 · Blackboard · Blackboard Transact Suite

John Fisher

Publicado

2010-09-07

Atualizado

2013-01-04

CVE-2010-3245

CVSS v2.0

2.1

Baixa

Vetor

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Blackboard Transact Suite (affected versions not specified)

Description The issue concerns the automated-backup functionality, which stores sensitive information in cleartext. Specifically, it stores the database username and database password in cleartext in script and batch (.bat) files. This allows local users to obtain sensitive information by reading a file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2010-3245

Produtos afetados

Blackboard Transact Suite

PT-2010-4681 · Blackboard · Blackboard Transact Suite

CVE-2010-3245

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3