Vulnerabilities > Netsas

DATE CVE VULNERABILITY TITLE RISK
2020-03-19 CVE-2019-16062 Missing Encryption of Sensitive Data vulnerability in Netsas Enigma Network Management Solution
NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database.
network
low complexity
netsas CWE-311
4.0
2020-03-19 CVE-2019-16061 Incorrect Default Permissions vulnerability in Netsas Enigma Network Management Solution
A number of files on the NETSAS Enigma NMS server 65.0.0 and prior are granted weak world-readable and world-writable permissions, allowing any low privileged user with access to the system to read sensitive data (e.g., .htpasswd) and create/modify/delete content (e.g., under /var/www/html/docs) within the operating system.
network
low complexity
netsas CWE-276
6.5