Cleartext Storage of Sensitive Information in Memory
CVE-2014-2366
Summary
upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover credentials by reading HTML source code.
- LOW
- NETWORK
- SINGLE
- COMPLETE
- COMPLETE
- COMPLETE
CWE-316 - Cleartext Storage of Sensitive Information in Memory
The application stores sensitive information in cleartext in memory.
References
Advisory Timeline
- Published
