← Retour aux CVEs
CVE-2020-10375
MEDIUM5.5
Description
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated passwords in the second column. NOTE: this is unrelated to the popular Smarty template engine product.
Details CVE
Score CVSS v3.15.5
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie2/5/2021
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
newmediacompany:smarty
Faiblesses (CWE)
CWE-326
References
https://www.smarty-online.de(cve@mitre.org)
https://www.x41-dsec.de/lab/advisories/x41-2020-005-smarty/(cve@mitre.org)
https://www.smarty-online.de(af854a3a-2127-422b-91ae-364da2661108)
https://www.x41-dsec.de/lab/advisories/x41-2020-005-smarty/(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.