Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ndocsoftware Subscribe
Filtered by product Ndoc
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-15366 1 Ndocsoftware 1 Ndoc 2019-10-02 10.0 HIGH 9.8 CRITICAL
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache) users set up with a single password. This password is left behind in a cleartext log file during client installation on laptops. This password can be used to gain full admin/system access to client devices (if no firewall is present) or the NDoc server itself. Once the password is known to an attacker, local access is not required.