Cleartext Storage of Sensitive Information

CVE-2018-16498

Medium

5.5/10

Summary

In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-312 - Cleartext Storage of Sensitive Information

The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References

Advisory Timeline

Published May 26, 2021

Cleartext Storage of Sensitive Information

CVE-2018-16498

Summary

CWE-312 - Cleartext Storage of Sensitive Information

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS