Vulnerabilities > CVE-2001-1550 - Unspecified vulnerability in Centra Asp, Centraone and Smart Connect

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
centra

Summary

CentraOne 5.2 and Centra ASP with basic authentication enabled creates world-writable base64 encoded log files, which allows local users to obtain cleartext passwords from decoded log files and impersonate users.

Vulnerable Configurations

Part Description Count
Application
Centra
3