Takuma Shiga

**Name of the Vulnerable Software and Affected Versions** Driver Distributor versions 2.2.3.1 and earlier **Description** The issue concerns a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted. **Recommendations** For Driver Distributor versions 2.2.3.1 and earlier, consider updating to a newer version that addresses the issue of storing passwords in a recoverable format. As a temporary workaround, restrict access to configuration files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: GroupSession Free edition versions 5.1.1 and earlier GroupSession byCloud versions 5.1.1 and earlier GroupSession ZION versions 5.1.1 and earlier Description: The issue is related to incorrect permission assignment for a critical resource, allowing a remote unauthenticated attacker to access arbitrary files on the server and obtain sensitive information via unspecified vectors. Recommendations: For GroupSession Free edition versions 5.1.1 and earlier, update to a version later than 5.1.1 to resolve the issue. For GroupSession byCloud versions 5.1.1 and earlier, update to a version later than 5.1.1 to resolve the issue. For GroupSession ZION versions 5.1.1 and earlier, update to a version later than 5.1.1 to resolve the issue. As a temporary workaround, consider restricting access to critical resources on the server until a patch is available.