CVE-2009-1466

Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file.
References
Link Resource
http://securitytracker.com/id?1022204 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/503434/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/34911 Broken Link Third Party Advisory VDB Entry
http://www.syhunt.com/advisories/?id=aas-multiple Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/50590 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:klinzmann:application_access_server:2.0.48:*:*:*:*:*:*:*

History

14 Feb 2024, 15:20

Type Values Removed Values Added
CVSS v2 : 2.1
v3 : unknown
v2 : 2.1
v3 : 5.5
References (BID) http://www.securityfocus.com/bid/34911 - (BID) http://www.securityfocus.com/bid/34911 - Broken Link, Third Party Advisory, VDB Entry
References (MISC) http://www.syhunt.com/advisories/?id=aas-multiple - (MISC) http://www.syhunt.com/advisories/?id=aas-multiple - Broken Link
References (SECTRACK) http://securitytracker.com/id?1022204 - (SECTRACK) http://securitytracker.com/id?1022204 - Broken Link, Third Party Advisory, VDB Entry
References (BUGTRAQ) http://www.securityfocus.com/archive/1/503434/100/0/threaded - (BUGTRAQ) http://www.securityfocus.com/archive/1/503434/100/0/threaded - Broken Link, Third Party Advisory, VDB Entry
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/50590 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/50590 - Third Party Advisory, VDB Entry
CWE CWE-310 CWE-312

Information

Published : 2009-05-14 17:30

Updated : 2024-02-28 11:21


NVD link : CVE-2009-1466

Mitre link : CVE-2009-1466

CVE.ORG link : CVE-2009-1466


JSON object : View

Products Affected

klinzmann

  • application_access_server
CWE
CWE-312

Cleartext Storage of Sensitive Information