Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and including 10.25 and all 11.x up to and including 11.14 are verified to be affected.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Hitek Software Automize 信息泄露漏洞
Vulnerability Description
Hitek Software Automize是美国Hitek Software公司的一套跨平台的自动化软件套件。该套件提供高级任务调度和软件自动化执行等功能。 Hitek Software Automize 10.x版本至10.25版本和11.x版本至11.14版本中的hitek.jar文件存在信息泄露漏洞,该漏洞源于程序使用弱加密算法。攻击者可利用该漏洞从sshProfiles.jsd和encryptionProfiles.jsd文件中检索加密的密码,通过解密恢复明文密码。
CVSS Information
N/A
Vulnerability Type
N/A