PT-2019-13283 · Oxysoft · Knowage

Publicado

2019-09-05

·

Atualizado

2020-08-24

·

CVE-2019-13349

CVSS v3.1

4.9

Média

VetorAV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Knowage versions prior to 6.1.2
Description The issue allows an authenticated user who accesses the users page to obtain all user password hashes.
Recommendations For versions prior to 6.1.2, update to version 6.1.2 or later to resolve the issue.

Exploit

Correção

Insufficiently Protected Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-522

Identificadores relacionados

CVE-2019-13349

Produtos afetados

Knowage