Vulnerabilities > CVE-2008-6191 - Credentials Management vulnerability in Intrinsic Swimage Encore

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

intrinsic

CWE-255

NVD

Published: 2009-02-19

Updated: 2017-08-17

Summary

Conductor.exe in Intrinsic Swimage Encore before 5.0.1.21 contains a hardcoded password, which might allow local users to decrypt certain .bin files. NOTE: it is not clear whether this issue crosses privilege boundaries.

Vulnerable Configurations

Part	Description	Count
Application	Intrinsic Intrinsic Swimage Encore *	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://secunia.com/advisories/31540
http://www.kb.cert.org/vuls/id/778427
http://www.securityfocus.com/bid/30736
https://exchange.xforce.ibmcloud.com/vulnerabilities/44538