Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.
References
Link | Resource |
---|---|
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2001-11/0225.html | Broken Link |
http://www.iss.net/security_center/static/7621.php | Broken Link |
http://www.securityfocus.com/bid/3587 | Broken Link Third Party Advisory VDB Entry |
Configurations
History
10 Feb 2024, 03:04
Type | Values Removed | Values Added |
---|---|---|
References | (BID) http://www.securityfocus.com/bid/3587 - Broken Link, Third Party Advisory, VDB Entry | |
References | (XF) http://www.iss.net/security_center/static/7621.php - Broken Link | |
References | (BUGTRAQ) http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2001-11/0225.html - Broken Link | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
First Time |
Audiogalaxy
Audiogalaxy audiogalaxy |
|
CWE | CWE-312 | |
CPE | cpe:2.3:a:audiogalaxy:audiogalaxy:-:*:*:*:*:*:*:* |
Information
Published : 2001-12-31 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2001-1536
Mitre link : CVE-2001-1536
CVE.ORG link : CVE-2001-1536
JSON object : View
Products Affected
audiogalaxy
- audiogalaxy
CWE
CWE-312
Cleartext Storage of Sensitive Information