N/A

A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed.

N/A

敏感数据的明文存储

Business-central 安全漏洞

Business-central中存在安全漏洞，该漏洞源于程序在存储密码时，使用Base64而非加密算法进行编码。攻击者可利用该漏洞获取用户密码。

N/A

N/A