CVE-2016-10512

Published: Sep 30, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

MultiTech FaxFinder before 4.1.2 stores Passwords unencrypted for maintaining the test connectivity function of its LDAP configuration. These credentials are retrieved by the system when the LDAP configuration page is opened and are embedded directly into the HTML source code in cleartext.

Affected (1)

Products: Multitech: Faxfinder

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Multitech Faxfinder	All versions

Related CWEs

References (2)

https://packetstormsecurity.com/files/139844/Multitech-RightFax-Faxfinder-Credential-Disclosure.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://packetstormsecurity.com/files/139844/Multitech-RightFax-Faxfinder-Credential-Disclosure.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.