The administrative passwords for all versions of Bond JetSelect are stored within an unprotected file on the filesystem, rather than encrypted within the MySQL database. This backup copy of the passwords is made as part of the installation script, after the administrator has generated a password using ENCtool.jar (see CVE-2019-13022). This allows any low-privilege user who can read this file to trivially obtain the passwords for the administrative accounts of the JetSelect application. The path to the file containing the encoded password hash is /opt/JetSelect/SFC/resources/sfc-general-properties.
References
Link | Resource |
---|---|
https://labs.nettitude.com/blog/cve-2019-13021-22-23-jetselect-network-segregation-application/ | Exploit Third Party Advisory |
https://labs.nettitude.com/blog/cve-2019-13021-22-23-jetselect-network-segregation-application/ | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 04:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://labs.nettitude.com/blog/cve-2019-13021-22-23-jetselect-network-segregation-application/ - Exploit, Third Party Advisory |
Information
Published : 2020-05-14 17:15
Updated : 2024-11-21 04:24
NVD link : CVE-2019-13021
Mitre link : CVE-2019-13021
CVE.ORG link : CVE-2019-13021
JSON object : View
Products Affected
jetstream
- jetselect
CWE
CWE-312
Cleartext Storage of Sensitive Information