PT-2020-10291 · Ixp · Ixp Easyinstall

Published

2020-01-23

Updated

2021-07-21

CVE-2019-19898

CVSS v3.1

7.5

High

Vector

AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N

Name of the Vulnerable Software and Affected Versions IXP EasyInstall version 6.2.13723

Description The issue concerns cleartext credentials being sent over the network when using the Administrator console remotely. This occurs on TCP port 20050.

Recommendations For IXP EasyInstall version 6.2.13723, consider restricting remote access to the Administrator console until a fix is available. As a temporary workaround, avoid using the remote Administrator console to minimize the risk of credential exposure.

Exploit

Fix

Cleartext Transmission of Sensitive Information

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319CWE-522

Related Identifiers

CVE-2019-19898

Affected Products

Ixp Easyinstall

PT-2020-10291 · Ixp · Ixp Easyinstall

CVE-2019-19898

Weakness Enumeration

Related Identifiers

Affected Products

References · 3