Netsas: Security Vulnerabilities
A number of files on the NETSAS Enigma NMS server 65.0.0 and prior are granted weak world-readable and world-writable permissions, allowing any low privileged user with access to the system to read sensitive data (e.g., .htpasswd) and create/modify/delete content (e.g., under /var/www/html/docs) within the operating system.
CVSS Score
8.8
EPSS Score
0.002
Published
2020-03-19
NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data stored within the SQL database. It is possible for an attacker to expose unencrypted sensitive data.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-03-19
Page 2