Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges.
References
Link | Resource |
---|---|
http://extensis.com | Product |
http://portfolio.com | Not Applicable |
https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/ | Exploit Third Party Advisory |
http://extensis.com | Product |
http://portfolio.com | Not Applicable |
https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/ | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 06:50
Type | Values Removed | Values Added |
---|---|---|
References | () http://extensis.com - Product | |
References | () http://portfolio.com - Not Applicable | |
References | () https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/ - Exploit, Third Party Advisory |
Information
Published : 2022-03-01 23:15
Updated : 2024-11-21 06:50
NVD link : CVE-2022-24255
Mitre link : CVE-2022-24255
CVE.ORG link : CVE-2022-24255
JSON object : View
Products Affected
extensis
- portfolio
CWE
CWE-798
Use of Hard-coded Credentials