PT-2019-12465 · Micro Focus+1 · Micro Focus Service Manager+1

Publicado

2019-09-18

Atualizado

2021-07-21

CVE-2019-11663

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Micro Focus Service Manager versions 9.30 through 9.62

Description The issue concerns the use of clear text credentials to access the managers app in Tomcat, potentially allowing sensitive data exposure.

Recommendations For versions 9.30 through 9.62, update the configuration to use encrypted credentials instead of clear text credentials to access the managers app in Tomcat.

Correção

Insufficiently Protected Credentials

Missing Encryption of Sensitive Data

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-522CWE-311

Identificadores relacionados

CVE-2019-11663

Produtos afetados

Micro Focus Service Manager

Apache Tomcat

PT-2019-12465 · Micro Focus+1 · Micro Focus Service Manager+1

CVE-2019-11663

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3