Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Networker 19.9 and all prior versions contains a Plain-text Password stored in temporary config file during backup duration in NMDA MySQL Database backups. User has low privilege access to Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configured MySQL Database user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application Database with privileges of the compromised account.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
明文存储口令
Vulnerability Title
Dell NetWorker 安全漏洞
Vulnerability Description
Dell NetWorker是美国戴尔(Dell)公司的一个应用程序。提供戴尔公司的论坛讨论功能。 Dell NetWorker 19.9 版本、NMDA MySQL Database 19.9 到 19.9.0.3 、19.9 到 19.9.0.3、19.7 之前版本存在安全漏洞,该漏洞源于数据库在备份期间在临时配置文件中存储纯文本密码,攻击者利用该漏洞能够使用暴露的凭据以受感染帐户的权限访问易受攻击的应用程序数据库。
CVSS Information
N/A
Vulnerability Type
N/A