CVE-2016-6602

Posted on 2017년 1월 24일2017년 1월 24일 by admin

CVE-2016-6602

ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/securitydbData.xml. NOTE: this issue can be combined with CVE-2016-6601 for a remote exploit.

Source: CVE-2016-6602

답글 남기기 응답 취소