CVE-2014-2870

Published: Apr 15, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The default configuration of PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 uses cleartext for storage of credentials in a database, which makes it easier for context-dependent attackers to obtain sensitive information via unspecified vectors.

Affected (4)

Products: Paperthin: Commonspot Content Server

Paperthin

1 product

Commonspot Content Server

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Paperthin Commonspot Content Server	Up to 7.0.1
Paperthin Commonspot Content Server	Version 8.0.0
Paperthin Commonspot Content Server	Version 8.0.1
Paperthin Commonspot Content Server	Version 8.0.2

Related CWEs

CWE-255

References (2)

http://www.kb.cert.org/vuls/id/437385

Source: cve@mitre.org

US Government Resource

http://www.kb.cert.org/vuls/id/437385

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

Timeline

No history available yet.