Missing Password Field Masking

CVE-2023-49106

Medium

4.6/10

Summary

Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component).This issue affects Hitachi Device Manager: before 8.8.5-04.

Attack Complexity: LOW
Attack Vector: PHYSICAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: NONE

CWE-549 - Missing Password Field Masking

The software does not mask passwords during entry, increasing the potential for attackers to observe and capture passwords.

References

Advisory Timeline

Published Jan 16, 2024

Missing Password Field Masking

CVE-2023-49106

Summary

CWE-549 - Missing Password Field Masking

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS