NVD

Id
56281  
Name
CVE-2007-4150  
Description
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 uses weak cryptography (XOR) when (1) transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and (2) storing passwords in the configuration file, which allows local users to obtain sensitive information by reading this file.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2007-08-03  
Modified Date
2008-11-15  
Seq
2007-4150  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
286668 56281 CVE-2007-4150 http://www.portcullis.co.uk/uplds/advisories/vapassword%20-%2006-042.txt  View
286669 56281 CVE-2007-4150 25153  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
57233 JVNDB-2007-005925 Visionsoft Audit の VSAOD における重要な情報を取得される脆弱性 Visionsoft Audit の Visionsoft Audit on Demand Service (VSAOD) は、パスワードを送信する際、および設定ファイルにパスワードを格納する際、弱い暗号 (XOR) を使用するため、重要な情報を取得される脆弱性が存在します。 CVE-2007-4150 27505 CVE-2007-4150 56281 10 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005925.html 2007-08-03 2012-12-20 View