PT-2013-4525 · Baramundi · Baramundi Management Suite

Damir Bozic

Published

2013-10-03

Updated

2013-12-13

CVE-2013-3624

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Baramundi Management Suite versions 7.5 through 8.9

Description The issue allows remote attackers to obtain sensitive information by reading a file, as credentials are stored in cleartext on deployed machines through the OS deployment feature.

Recommendations For versions 7.5 through 8.9, consider restricting access to the deployed machines to minimize the risk of exploitation until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2013-3624

Affected Products

Baramundi Management Suite

PT-2013-4525 · Baramundi · Baramundi Management Suite

CVE-2013-3624

Weakness Enumeration

Related Identifiers

Affected Products

References · 2