ГлавнаяУязвимости → CVE-2024-36497
9.1критическая

CVE-2024-36497

Описание

The decrypted configuration file contains the password in cleartext which is used to configure WINSelect. It can be used to remove the existing restrictions and disable WINSelect entirely.

CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Источники
http://seclists.org/fulldisclosure/2024/Jun/12https://r.sec-consult.com/winselecthttps://www.faronics.com/en-uk/document-library/document/winselect-standard-release-noteshttp://seclists.org/fulldisclosure/2024/Jun/12https://r.sec-consult.com/winselecthttps://www.faronics.com/en-uk/document-library/document/winselect-standard-release-notes