PT-2010-4681 · Blackboard · Blackboard Transact Suite

John Fisher

Published

2010-09-07

Updated

2013-01-04

CVE-2010-3245

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Blackboard Transact Suite (affected versions not specified)

Description The issue concerns the automated-backup functionality, which stores sensitive information in cleartext. Specifically, it stores the database username and database password in cleartext in script and batch (.bat) files. This allows local users to obtain sensitive information by reading a file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2010-3245

Affected Products

Blackboard Transact Suite

PT-2010-4681 · Blackboard · Blackboard Transact Suite

CVE-2010-3245

Weakness Enumeration

Related Identifiers

Affected Products

References · 3