CVE Vulnerabilities

CVE-2002-0487

Published: Aug 12, 2002 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript session timeout re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser’s cache.

Affected Software

Name Vendor Start Version End Version
Xpede Workforceroi 4.1 4.1
Xpede Workforceroi 7.0 7.0

References