← Zuruck zu CVEs
CVE-2023-28441
HIGH8.0
Beschreibung
smartCARS 3 is flight tracking software. In version 0.5.8 and prior, all persons who have failed login attempts will have their password stored in error logs. This problem doesn't occur in version 0.5.9. As a workaround, delete the affected log file, and ensure one logs in correctly.
CVE Details
CVSS v3.1 Bewertung8.0
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht3/24/2023
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
invernyx:smartcars_3
Schwachen (CWE)
CWE-532
Referenzen
https://github.com/invernyx/smartcars-3-bugs/security/advisories/GHSA-fp42-c8g2-5jc7(security-advisories@github.com)
https://github.com/invernyx/smartcars-3-bugs/security/advisories/GHSA-fp42-c8g2-5jc7(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.