CVE-2017-9615

Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because…

mitre·CWE-532·Published 2017-06-26

CVSS

—

EPSS

0.01

KEV

Exploits

cve.orgen

209 chars

Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because verbose logging writes the administrator password to a world-readable file.

NVDen

209 chars

NVDes

232 chars

Revelación de contraseña en Cognito Software Moneyworks 8.0.3 y anteriores permite a atacantes conseguir acceso de administrador a todos los datos, porque el loguer verboso imprime la contraseña de administrador a un archivo leíble.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H