CVE-2022-4312

A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could allow an unauthorized user with access the email and short messaging service (SMS) accounts configuration files to discover the associated simple mail transfer protocol (SMTP) account credentials and the SIM card PIN code. Successful exploitation of this vulnerability could allow an unauthorized user access to the underlying email account and SIM card.
Configurations

Configuration 1 (hide)

cpe:2.3:a:arcinformatique:pcvue:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:35

Type Values Removed Values Added
References () https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1171-security-bulletin-2022-7 - Permissions Required, Vendor Advisory () https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1171-security-bulletin-2022-7 - Permissions Required, Vendor Advisory

07 Nov 2023, 03:57

Type Values Removed Values Added
Summary A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could allow an unauthorized user with access the email and short messaging service (SMS) accounts configuration files to discover the associated simple mail transfer protocol (SMTP) account credentials and the SIM card PIN code. Successful exploitation of this vulnerability could allow an unauthorized user access to the underlying email account and SIM card. A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could allow an unauthorized user with access the email and short messaging service (SMS) accounts configuration files to discover the associated simple mail transfer protocol (SMTP) account credentials and the SIM card PIN code. Successful exploitation of this vulnerability could allow an unauthorized user access to the underlying email account and SIM card.

06 Jul 2023, 14:42

Type Values Removed Values Added
CWE CWE-312 CWE-522

Information

Published : 2022-12-12 18:15

Updated : 2024-11-21 07:35


NVD link : CVE-2022-4312

Mitre link : CVE-2022-4312

CVE.ORG link : CVE-2022-4312


JSON object : View

Products Affected

arcinformatique

  • pcvue
CWE
CWE-312

Cleartext Storage of Sensitive Information

CWE-522

Insufficiently Protected Credentials