CVE-2017-6911 - USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as

CVE-2017-6911

Summary

USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as username and password in simple usb.xml. An attacker with physical access to the system can modify the file according his own requirements that may aid in further attack.

References

Vulnerable Configurations

cpe:2.3:a:usb_pratirodh_project:usb_pratirodh:-:*:*:*:*:*:*:*
cpe:2.3:a:usb_pratirodh_project:usb_pratirodh:-:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

CWE-922

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:N/A:N

refmap via4

bid	96970
bugtraq	20170316 CVE-2017-6911: USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability
fulldisc	20170316 USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability
misc	http://packetstormsecurity.com/files/141651/USB-Pratirodh-Insecure-Password-Storage.html

Last major update

03-10-2019 - 00:03

Published

23-03-2017 - 20:59

Last modified

03-10-2019 - 00:03