CVE-2018-16498

Published: May 26, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores.

Affected (1)

Products: Versa Networks: Versa Director

Versa Networks

1 product

Versa Director

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Versa Networks Versa Director	All versions

Related CWEs

CWE-312

Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References (2)

https://hackerone.com/reports/1168195

Source: support@hackerone.com

Third Party Advisory

https://hackerone.com/reports/1168195

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.