Vulnerabilities > CVE-2002-2301 - Credentials Management vulnerability in Lawson Software Lawson Financials 8.0

047910
CVSS 3.3 - LOW
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE

Summary

Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database.

Vulnerable Configurations

Part Description Count
Application
Lawson_Software
1

Common Weakness Enumeration (CWE)