ID CVE-2018-11742
Summary NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.
References
Vulnerable Configurations
  • cpe:2.3:o:necom:univerge_sv9100_webpro_firmware:6.00.00:*:*:*:*:*:*:*
    cpe:2.3:o:necom:univerge_sv9100_webpro_firmware:6.00.00:*:*:*:*:*:*:*
  • cpe:2.3:h:necom:univerge_sv9100_webpro:-:*:*:*:*:*:*:*
    cpe:2.3:h:necom:univerge_sv9100_webpro:-:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 31-01-2019 - 16:09)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
exploit-db 45942
fulldisc 20181204 CVE-2018-11741 / CVE-2018-11742 / NEC Univerge Sv9100 WebPro - 6.00 / Predictable Session ID / Clear Text Password Storage
misc
vulnerable_product via4 cpe:2.3:o:necom:univerge_sv9100_webpro_firmware:6.00.00:*:*:*:*:*:*:*
Last major update 31-01-2019 - 16:09
Published 26-12-2018 - 21:29
Back to Top