VDG Security SENSE (formerly DIVA) 2.3.13 stores administrator credentials in cleartext, which allows attackers to obtain sensitive information by reading the plugin configuration files.
References
Configurations
History
21 Nov 2024, 02:21
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/129656/VDG-Security-SENSE-2.3.13-File-Disclosure-Bypass-Buffer-Overflow.html - Exploit | |
References | () http://seclists.org/fulldisclosure/2014/Dec/76 - Exploit | |
References | () https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20141218-0_VDG_Security_SENSE_Multiple_critical_vulnerabilities_v10.txt - Exploit |
Information
Published : 2015-01-08 15:59
Updated : 2024-11-21 02:21
NVD link : CVE-2014-9579
Mitre link : CVE-2014-9579
CVE.ORG link : CVE-2014-9579
JSON object : View
Products Affected
vdgsecurity
- vdg_sense
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor