Filtered by vendor Ndocsoftware
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-15366 | 1 Ndocsoftware | 1 Ndoc | 2019-10-02 | 10.0 HIGH | 9.8 CRITICAL |
Before Thornberry NDoc version 8.0, laptop clients and the server have default database (Cache) users set up with a single password. This password is left behind in a cleartext log file during client installation on laptops. This password can be used to gain full admin/system access to client devices (if no firewall is present) or the NDoc server itself. Once the password is known to an attacker, local access is not required. |