CVE-2024-36497
June 24, 2024, 12:57 p.m.
Tags
Product(s) Impacted
WINSelect
Description
The decrypted configuration file contains the password in cleartext which is used to configure WINSelect. It can be used to remove the existing restrictions and disable WINSelect entirely.
Weaknesses
CWE-312
Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
CWE ID: 312Date
Published: June 24, 2024, 9:15 a.m.
Last Modified: June 24, 2024, 12:57 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
551230f0-3615-47bd-b7cc-93e92e730bbf
References
https://r.sec-consult.com/
551230f0-3615-47bd-b7cc-93e92e730bbf
https://www.faronics.com/
551230f0-3615-47bd-b7cc-93e92e730bbf