PT-2023-25296 · Iagona · Iagona Scrutisweb

Jorian Van Den Hout

+2

·

Publicado

2023-07-18

·

Atualizado

2023-08-16

·

CVE-2023-35763

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Iagona ScrutisWeb versions 2.1.37 and prior
Description The issue is related to a cryptographic vulnerability. This vulnerability could allow an unauthenticated user to decrypt encrypted passwords into plaintext.
Recommendations For Iagona ScrutisWeb versions 2.1.37 and prior, update to a version later than 2.1.37 to resolve the issue.

Correção

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798

Identificadores relacionados

CVE-2023-35763

Produtos afetados

Iagona Scrutisweb