CVE-2006-3663 - Finjan Vital Security Appliance 5100/8100 NG 8.3.5 stores passwords in plaintext in a backup file, w

CVE-2006-3663

Summary

Finjan Vital Security Appliance 5100/8100 NG 8.3.5 stores passwords in plaintext in a backup file, which allows local users to gain privileges. NOTE: the vendor has notified CVE that this issue was fixed in 8.3.6. The vendor reports that version 8.3.6 of Finjan’s Vital Security Appliance (NG 5100/8100), released on 7/23/06, fixes this issue.

References

Vulnerable Configurations

cpe:2.3:a:finjan:vital_security:ng-5100_8.3.5:*:*:*:*:*:*:*
cpe:2.3:a:finjan:vital_security:ng-5100_8.3.5:*:*:*:*:*:*:*
cpe:2.3:a:finjan:vital_security:ng-8100_8.3.5:*:*:*:*:*:*:*
cpe:2.3:a:finjan:vital_security:ng-8100_8.3.5:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 18-10-2018 - 16:48)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	18940
bugtraq	20060711 [SECURITY] Plain text password in Finjan Appliance 5100/8100 NG backup file
fulldisc	20060711 [SECURITY] Plain text password in Finjan Appliance 5100/8100 NG backup file
xf	finjan-backup-plaintext-password(27709)

Last major update

18-10-2018 - 16:48

Published

18-07-2006 - 15:47

Last modified

18-10-2018 - 16:48