CVE

CVE-2016-10104

admin

CVE-2016-10104

Information Disclosure can occur in sshProfiles.jsd in Hitek Software’s Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14.

Source: CVE-2016-10104

Exit mobile version