Antonio Papa

**Name of the Vulnerable Software and Affected Versions** eGroupWare version 17.1.20190111 **Description** An issue affects the setup panel under setup/manageheader.php, allowing authenticated remote attackers with administrator credentials to read a cleartext database password due to improper password storage. This issue does not specify the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** For eGroupWare version 17.1.20190111, consider restricting access to the setup panel under setup/manageheader.php to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.