Fuji Electric V-Server before 6.0.33.0 stores database credentials in project files as plaintext. An attacker that can gain access to the project file can recover the database credentials and gain access to the database server.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/108740 | |
https://www.tenable.com/security/research/tra-2019-27 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: tenable
Published: 2019-06-12T14:06:57
Updated: 2019-06-13T11:06:07
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3947
JSON object: View
NVD Information
Status : Modified
Published: 2019-06-12T15:29:00.910
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-3947
JSON object: View
Redhat Information
No data.
CWE