3.3

CVE-2009-2977

The Cisco Security Monitoring, Analysis and Response System (CS-MARS) 6.0.4 and earlier stores cleartext passwords in log/sysbacktrace.## files within error-logs.tar.gz archives, which allows context-dependent attackers to obtain sensitive information by reading these files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoCs-mars Version <= 6.0.4
CiscoCs-mars Version4.1
CiscoCs-mars Version4.1.2
CiscoCs-mars Version4.1.3
CiscoCs-mars Version4.1.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.53% 0.408
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.3 6.5 2.9
AV:A/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtb52450
http://www.securityfocus.com/archive/1/505995/100/0/threaded
http://www.securityfocus.com/archive/1/505998/100/0/threaded
http://www.securityfocus.com/bid/36098
http://www.vupen.com/english/advisories/2009/2364
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/52913