Today > | 7 High | 22 Medium | 6 Low vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-36497

June 24, 2024, 12:57 p.m.

Description

The decrypted configuration file contains the password in cleartext which is used to configure WINSelect. It can be used to remove the existing restrictions and disable WINSelect entirely.

Weaknesses

CWE-312
Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

CWE ID: 312

Date

Published: June 24, 2024, 9:15 a.m.

Last Modified: June 24, 2024, 12:57 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

551230f0-3615-47bd-b7cc-93e92e730bbf

References

https://r.sec-consult.com/ 551230f0-3615-47bd-b7cc-93e92e730bbf

https://www.faronics.com/ 551230f0-3615-47bd-b7cc-93e92e730bbf