Cleartext Credential Storage in IBM BigFix Compliance Analytics
CVE-2017-1201
7.8HIGH
Summary
IBM BigFix Compliance Analytics 1.9.79 has a vulnerability where sensitive user credentials are stored in clear text. This allows any local user with access to the system to read and potentially exploit these credentials, leading to unauthorized access and increased security risks.
Affected Version(s)
BigFix Compliance Analytics 1.9.79
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved