Vulnerabilities > CVE-2004-2723 - Credentials Management vulnerability in Nessus Nessuswx 1.4.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
NessusWX 1.4.4 stores account passwords in plaintext in .session files, which allows local users to obtain passwords.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
References
- http://seclists.org/fulldisclosure/2004/Mar/1343.html
- http://seclists.org/fulldisclosure/2004/Mar/1343.html
- http://securitytracker.com/id?1009577
- http://securitytracker.com/id?1009577
- http://www.osvdb.org/4814
- http://www.osvdb.org/4814
- http://www.securityfocus.com/bid/9993
- http://www.securityfocus.com/bid/9993
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15641
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15641