CVE-2018-19466

A vulnerability was found in Portainer before 1.20.0. Portainer stores LDAP credentials, corresponding to a master password, in cleartext…

mitre·CWE-522·Published 2019-03-27

CVSS

—

EPSS

0.04

KEV

Exploits

cve.orgen

179 chars

A vulnerability was found in Portainer before 1.20.0. Portainer stores LDAP credentials, corresponding to a master password, in cleartext and allows their retrieval via API calls.

NVDen

179 chars

A vulnerability was found in Portainer before 1.20.0. Portainer stores LDAP credentials, corresponding to a master password, in cleartext and allows their retrieval via API calls.

NVDes

234 chars

Se ha descubierto una vulnerabilidad en Portainer, en versiones anteriores a la 1.20.0. Portainer almacena credenciales LDAP, que corresponden a una contraseña maestra, en texto claro y permite recuperarlas mediante llamadas a la API.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	NVD	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H