Mobotix Control Center (MxCC) through 2.5.4.5 has Insufficiently Protected Credentials, Storing Passwords in a Recoverable Format via the MxCC.ini config file. The credential storage method in this software enables an attacker/user of the machine to gain admin access to the software and gain access to recordings/recording locations.
References
Link | Resource |
---|---|
https://github.com/PurplePetrus/MxCC_Credential-Storage_issue/blob/main/MxCC_improper_credential_storage | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-05-19T13:13:01
Updated: 2022-05-19T13:13:01
Reserved: 2022-05-02T00:00:00
Link: CVE-2022-30018
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-19T14:15:08.003
Modified: 2024-02-13T16:47:14.693
Link: CVE-2022-30018
JSON object: View
Redhat Information
No data.
CWE