Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Encryption of sensitive data in CapillaryScope missing
Vulnerability Description
Lack of sensitive data encryption in CapillaryScope v2.5.0 of Capillary io, which stores both the proxy credentials and the JWT session token in plain text within different registry keys on the Windows operating system. Any authenticated local user with read access to the registry can extract these sensitive values.
CVSS Information
N/A
Vulnerability Type
敏感数据加密缺失
Vulnerability Title
Capillary.io CapillaryScope 安全漏洞
Vulnerability Description
Capillary.io CapillaryScope是西班牙Capillary.io公司的一款用于血管检查的软件。 Capillary.io CapillaryScope v2.5.0之前版本存在安全漏洞,该漏洞源于敏感数据未加密存储,可能导致凭据泄露。
CVSS Information
N/A
Vulnerability Type
N/A