Vulnerabilities > CVE-2002-0487 - Unspecified vulnerability in Workforceroi Xpede 4.1/7.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |