CVE-2020-9404

Severity CVSS v4.0:
Pending analysis
Type:
CWE-522 Insufficiently Protected Credentials
Publication date:
11/08/2020
Last modified:
18/08/2020

Description

In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in an insecure manner, and may be modified by an attacker with no knowledge of the current passwords.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:pactware:pactware:*:*:*:*:*:*:*:* 5.0 (including) 5.0.5.31 (excluding)
cpe:2.3:a:pactware:pactware:2.4:sp5:*:*:*:*:*:*
cpe:2.3:a:pactware:pactware:3.0:sp4:*:*:*:*:*:*
cpe:2.3:a:pactware:pactware:3.5:*:*:*:*:*:*:*
cpe:2.3:a:pactware:pactware:3.6:sp1:*:*:*:*:*:*