NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. The use of weak authentication transmitted over cleartext protocols can allow an attacker to steal username and password combinations by intercepting authentication traffic in transit.
References
Link | Resource |
---|---|
https://www.mogozobo.com/?p=3647 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-03-19T17:56:42
Updated: 2020-03-19T17:56:42
Reserved: 2019-09-06T00:00:00
Link: CVE-2019-16067
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-03-19T18:15:14.227
Modified: 2021-07-21T11:39:23.747
Link: CVE-2019-16067
JSON object: View
Redhat Information
No data.