Vulnerability Details CVE-2009-2312
SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.5%
CVSS Severity
CVSS v2 Score 4.6
References
- http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0314.html
- http://secunia.com/advisories/34390
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49338
- http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0314.html
- http://secunia.com/advisories/34390
- https://exchange.xforce.ibmcloud.com/vulnerabilities/49338
Products affected by CVE-2009-2312
-
cpe:2.3:a:mcafee:smartfilter:4.2.1.00