Vulnerabilities

CVE-2016-10104

by Fred · 23/01/2017

Information Disclosure can occur in sshProfiles.jsd in Hitek Software’s Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14.

Date published : 2017-01-23

http://www.securityfocus.com/bid/96845

https://rastamouse.me/guff/2016/automize/

Similar

Tags: Cybersecurity Alert