ID |
CVE-2005-3209
|
Summary |
Aenovo products (1) aeNovo, (2) aeNovoShop, and (3) aeNovoWYSI store password information in plaintext in the (a) control, (b) content, and (c) page tables, which allows attackers with database access to obtain those passwords and gain privileges. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:aenovo:aenovo:*:*:*:*:*:*:*:*
cpe:2.3:a:aenovo:aenovo:*:*:*:*:*:*:*:*
-
cpe:2.3:a:aenovo:aenovoshop:*:*:*:*:*:*:*:*
cpe:2.3:a:aenovo:aenovoshop:*:*:*:*:*:*:*:*
-
cpe:2.3:a:aenovo:aenovowysi:*:*:*:*:*:*:*:*
cpe:2.3:a:aenovo:aenovowysi:*:*:*:*:*:*:*:*
|
CVSS |
Base: | 4.6 (as of 11-07-2017 - 01:33) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
|
Last major update |
11-07-2017 - 01:33 |
Published |
14-10-2005 - 10:02 |
Last modified |
11-07-2017 - 01:33 |