CVE-2023-46294

LOW Year: 2023
CVSS v3 Score
3.4
Low
Weakness Type
CWE-312
View all →

Vulnerability Description

An issue was discovered in Teledyne FLIR M300 2.00-19. User account passwords are encrypted locally, and can be decrypted to cleartext passwords using the utility umSetup. This utility requires root permissions to execute.

Related Vulnerabilities

CVE-2024-51993

LOW
CVSS:3.4(Low)

Combodo iTop is a web based IT Service Management tool. An attacker accessing a backup file or the database can read some passwords for misconfigured Users. This issue has been addressed in version 3....

CWE-3122024

CVE-2010-3282

LOW
CVSS:3.3(Low)

389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw)...

CWE-3122010

CVE-2019-10433

LOW
CVSS:3.3(Low)

Jenkins Dingding[钉钉] Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file s...

CWE-3122019

CVE-2019-10450

LOW
CVSS:3.3(Low)

Jenkins ElasticBox CI Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

CWE-3122019

CVE-2020-6980

LOW
CVSS:3.3(Low)

Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, MicroLogix 1100 Controller, all versions, RSLogix 500 Software v12.001 and prior, If Simple Mail Tra...

CWE-3122020

CVE-2021-37468

LOW
CVSS:3.3(Low)

NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files.

CWE-3122021