PT-2018-14274 · Circontrol · Circarlife

Published

2018-11-02

Updated

2019-10-09

CVE-2018-17922

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Circontrol CirCarLife versions prior to 4.3.1

Description The issue concerns the storage of PAP credentials in clear text within a log file. This log file is accessible without requiring authentication, potentially exposing sensitive information.

Recommendations For versions prior to 4.3.1, update to version 4.3.1 or later to resolve the issue.

Fix

Insufficiently Protected Credentials

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522CWE-532

Related Identifiers

CVE-2018-17922

Affected Products

Circarlife

PT-2018-14274 · Circontrol · Circarlife

CVE-2018-17922

Weakness Enumeration

Related Identifiers

Affected Products

References · 4