CVE-2017-9615

Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because verbose logging writes the administrator password to a world-readable file.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:cognito:moneyworks:*:*:*:*:*:*:*:*

Information

Published : 2017-06-26 00:29

Updated : 2019-10-02 17:03


NVD link : CVE-2017-9615

Mitre link : CVE-2017-9615


JSON object : View

CWE
CWE-732

Incorrect Permission Assignment for Critical Resource

CWE-532

Insertion of Sensitive Information into Log File

Advertisement

dedicated server usa

Products Affected

cognito

  • moneyworks