AVer Information EH6108H+ devices with firmware X9.03.24.00.07l store passwords in a cleartext base64 format and require cleartext credentials in HTTP Cookie headers, which allows context-dependent attacks to obtain sensitive information by reading these strings.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/667480 | Third Party Advisory US Government Resource |
http://www.securityfocus.com/bid/92936 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2016-09-19T01:00:00
Updated: 2016-11-25T19:57:01
Reserved: 2016-08-03T00:00:00
Link: CVE-2016-6537
JSON object: View
NVD Information
Status : Modified
Published: 2016-09-19T01:59:09.383
Modified: 2016-11-28T20:33:39.003
Link: CVE-2016-6537
JSON object: View
Redhat Information
No data.
CWE