Vulnerabilities > CVE-2017-6911 - Insecure Storage of Sensitive Information vulnerability in USB Pratirodh Project USB Pratirodh
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as username and password in simple usb.xml. An attacker with physical access to the system can modify the file according his own requirements that may aid in further attack.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- http://packetstormsecurity.com/files/141651/USB-Pratirodh-Insecure-Password-Storage.html
- http://packetstormsecurity.com/files/141651/USB-Pratirodh-Insecure-Password-Storage.html
- http://seclists.org/fulldisclosure/2017/Mar/43
- http://seclists.org/fulldisclosure/2017/Mar/43
- http://www.securityfocus.com/archive/1/540289/100/0/threaded
- http://www.securityfocus.com/archive/1/540289/100/0/threaded
- http://www.securityfocus.com/bid/96970
- http://www.securityfocus.com/bid/96970