Credentials Management Errors
CVE-2004-2722
Summary
Nessus 2.0.10a stores account passwords in plaintext in .nessusrc files, which allows local users to obtain passwords. NOTE: the original researcher reports that the vendor has disputed this issue
- LOW
- LOCAL
- NONE
- NONE
- PARTIAL
- NONE
CWE-255 - Credentials Management Errors
Weaknesses in this category are related to the management of credentials.
References
Advisory Timeline
- Published