CVE-2020-10554

{"id": "CVE-2020-10554", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2021-02-05T20:15:12.870", "references": [{"url": "https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-326"}, {"lang": "en", "value": "CWE-522"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored in the database in an obfuscated format, which can be easily reverted. For example, the password AAAAAAAA is stored in the database as MMMMMMMM."}, {"lang": "es", "value": "Se detect\u00f3 un problema en Psyprax versiones anteriores a 3.2.2. Las contrase\u00f1as usadas para cifrar los datos que son almacenados en la base de datos en un formato ofuscado, que puede ser f\u00e1cilmente revertido. Por ejemplo, la contrase\u00f1a AAAAAAAA es almacenada en la base de datos como MMMMMMMM"}], "lastModified": "2024-11-21T04:55:34.377", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:psyprax:psyprax:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BF504F8-37CA-41C2-8A4A-78CD57197D2C", "versionEndExcluding": "3.2.2"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}