PT-2021-8566 · Unknown · Sapphireims

Tanoy Bose

Published

2021-08-11

Updated

2021-08-16

CVE-2017-16632

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SapphireIMS version 4097 1

Description The password in the database is stored in Base64 format.

Recommendations For SapphireIMS version 4097 1, consider implementing proper password hashing and storage mechanisms to mitigate the risk of password exposure. As a temporary workaround, restrict access to the database to minimize the risk of exploitation.

Fix

Inadequate Encryption Strength

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-326

Related Identifiers

CVE-2017-16632

Affected Products

Sapphireims

PT-2021-8566 · Unknown · Sapphireims

CVE-2017-16632

Weakness Enumeration

Related Identifiers

Affected Products

References · 6