CVE-2022-25807
- EPSS 0.05%
- Veröffentlicht 09.06.2022 04:15:11
- Zuletzt bearbeitet 21.11.2024 06:53:02
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES key in the LDAPDesPWEncrypter class allows an attacker, who has discovered encrypted LDAP bind credentials, to decrypt those credentials using a static 8-b...
CVE-2022-25804
- EPSS 0.04%
- Veröffentlicht 09.06.2022 04:15:10
- Zuletzt bearbeitet 21.11.2024 06:53:01
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. Insecure permissions for the serverconfig registry key (under JavaSoft\Prefs\de\igel\rm\config in HKEY_LOCAL_MACHINE\SOFTWARE) allow an unprivileged local attacker to read...
CVE-2022-25805
- EPSS 0.17%
- Veröffentlicht 09.06.2022 04:15:10
- Zuletzt bearbeitet 21.11.2024 06:53:02
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. The transmission of cleartext LDAP bind credentials by the cmd_mgt_load_mgt_tree command allows an attacker (who can intercept or inspect traffic between an authenticated ...
CVE-2022-25806
- EPSS 0.42%
- Veröffentlicht 09.06.2022 04:15:10
- Zuletzt bearbeitet 21.11.2024 06:53:02
An issue was discovered in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES key in the PrefDBCredentials class allows an attacker, who has discovered encrypted superuser credentials, to decrypt those credentials using a static 8-by...