CVE-2016-10101 Information

Description

Information Disclosure can occur in Hitek Software’s Automize 10.x and 11.x passManager.jsd. Users have the Read attribute which allows an attacker to recover the encrypted password to access the Password Manager.

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/96840 https://rastamouse.me/guff/2016/automize/

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

8.1