PT-2019-15758 · Titanhq · Webtitan

Publicado

2019-12-02

Atualizado

2019-12-09

CVE-2019-19017

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions TitanHQ WebTitan versions prior to 5.18

Description An issue was discovered where the appliance has a hard-coded root password set during installation, allowing an attacker to gain root privileges on the system.

Recommendations For versions prior to 5.18, update to version 5.18 or later to resolve the issue. As a temporary workaround, consider changing the root password to a unique and secure value until a patch is applied.

Exploit

Correção

Race Condition

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362CWE-798

Identificadores relacionados

CVE-2019-19017

Produtos afetados

Webtitan

PT-2019-15758 · Titanhq · Webtitan

CVE-2019-19017

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4