PT-2004-3613 · Tenable · Nessuswx

Published

2004-12-31

Updated

2017-07-29

CVE-2004-2723

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions NessusWX version 1.4.4

Description The issue allows local users to obtain passwords because account passwords are stored in plaintext in .session files.

Recommendations For NessusWX version 1.4.4, consider encrypting or securely storing account passwords to prevent unauthorized access. As a temporary workaround, restrict access to .session files to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2004-2723

Affected Products

Nessuswx

PT-2004-3613 · Tenable · Nessuswx

CVE-2004-2723

Weakness Enumeration

Related Identifiers

Affected Products

References · 6