Vulnerabilities > CVE-2019-14483 - Unspecified vulnerability in Adremsoft Netcrunch

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

adremsoft

NVD

Published: 2020-12-16

Updated: 2021-07-21

Summary

AdRem NetCrunch 10.6.0.4587 allows Credentials Disclosure. Every user can read the BSD, Linux, MacOS and Solaris private keys, private keys' passwords, and root passwords stored in the credential manager. Every administrator can read the ESX and Windows passwords stored in the credential manager.

Vulnerable Configurations

Part	Description	Count
Application	Adremsoft Adremsoft Netcrunch 10.0.2 Adremsoft Netcrunch 10.1.0 Adremsoft Netcrunch 10.1.1 Adremsoft Netcrunch 10.2.0 Adremsoft Netcrunch 10.3.0 Adremsoft Netcrunch 10.3.1 Adremsoft Netcrunch 10.3.2 Adremsoft Netcrunch 10.4.0 Adremsoft Netcrunch 10.4.1 Adremsoft Netcrunch 10.4.2 Adremsoft Netcrunch 10.5.0 Adremsoft Netcrunch 10.5.1 Adremsoft Netcrunch 10.6.0 Adremsoft Netcrunch 10.6.0.4587	14

Summary

Vulnerable Configurations

References