CVE-2016-10102 in Automizeالمعلومات

الملخص

بحسب MITRE

hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and including 10.25 and all 11.x up to and including 11.14 are verified to be affected.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

02/01/2017

إفشاء

23/01/2017

الاعتدال

تمت الموافقة

إدخال

VDB-95786

CPE

جاهز

CWE

CWE-326 (مؤكد)

CVSS

8.1 (NVD)

EPSS

0.00082

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-10102
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-10102
CVE Details	https://www.cvedetails.com/cve/CVE-2016-10102/

التالي ▸نظرة عامة ◂ السابق

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!