TSplus Remote Work 16.0.0.0 places a cleartext password on the "var pass" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product.
References
Link | Resource |
---|---|
https://packetstormsecurity.com/files/174271 | Exploit Third Party Advisory VDB Entry |
Configurations
History
25 Oct 2023, 12:51
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://packetstormsecurity.com/files/174271 - Exploit, Third Party Advisory, VDB Entry | |
First Time |
Tsplus tsplus Remote Work
Tsplus |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CPE | cpe:2.3:a:tsplus:tsplus_remote_work:*:*:*:*:*:*:*:* | |
CWE | CWE-522 |
17 Oct 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-17 16:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-27132
Mitre link : CVE-2023-27132
CVE.ORG link : CVE-2023-27132
JSON object : View
Products Affected
tsplus
- tsplus_remote_work
CWE
CWE-522
Insufficiently Protected Credentials