Missing Password Field Masking

CVE-2023-1763

Medium

6.5/10

Summary

Canon IJ Network Tool/Ver.4.7.5 and earlier (supported OS: OS X 10.9.5-macOS 13),IJ Network Tool/Ver.4.7.3 and earlier (supported OS: OS X 10.7.5-OS X 10.8) allows an attacker to acquire sensitive information on the Wi-Fi connection setup of the printer from the software.

Attack Complexity: LOW
Attack Vector: ADJACENT_NETWORK
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-549 - Missing Password Field Masking

The software does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.

References

Advisory Timeline

Published May 17, 2023

Missing Password Field Masking

CVE-2023-1763

Summary

CWE-549 - Missing Password Field Masking

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS