CRITICAL🇬🇧 English

CVE-2019-3947

CVSS 9.8v3.0pub. 2019-06-12upd. 2024-11-21

Fuji Electric V-Server before 6.0.33.0 stores database credentials in project files as plaintext. An attacker that can gain access to the project file can recover the database credentials and gain access to the database server.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fujielectric V Server

    APP
    Fujielectric
    < 6.0.33.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2019-18240CRITICAL9.8ten sam produkt

In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may...

CVE-2018-14809CRITICAL9.8ten sam produkt

Fuji Electric V-Server 4.0.3.0 and prior, A use after free vulnerability has been identified, which may allow ...

CVE-2018-14811CRITICAL9.8ten sam produkt

Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted pointer dereference vulnerabilities have been ide...

CVE-2018-14813CRITICAL9.8ten sam produkt

Fuji Electric V-Server 4.0.3.0 and prior, A heap-based buffer overflow vulnerability has been identified, whic...

CVE-2018-14815CRITICAL9.8ten sam produkt

Fuji Electric V-Server 4.0.3.0 and prior, Several out-of-bounds write vulnerabilities have been identified, wh...

CVE-2019-3947 — CRITICAL 9.8 | CVEbaza.pl