The OS deployment feature in Baramundi Management Suite 7.5 through 8.9 stores credentials in cleartext on deployed machines, which allows remote attackers to obtain sensitive information by reading a file. NOTE: this ID was also incorrectly mapped to a separate issue in Oracle Outside In, but the correct ID for that issue is CVE-2013-5763.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Management_suite | Baramundi | 7.5 (including) | 7.5 (including) |
| Management_suite | Baramundi | 7.6 (including) | 7.6 (including) |
| Management_suite | Baramundi | 8.0 (including) | 8.0 (including) |
| Management_suite | Baramundi | 8.1 (including) | 8.1 (including) |
| Management_suite | Baramundi | 8.2 (including) | 8.2 (including) |
| Management_suite | Baramundi | 8.3 (including) | 8.3 (including) |
| Management_suite | Baramundi | 8.5 (including) | 8.5 (including) |
| Management_suite | Baramundi | 8.6 (including) | 8.6 (including) |
| Management_suite | Baramundi | 8.7 (including) | 8.7 (including) |
| Management_suite | Baramundi | 8.8 (including) | 8.8 (including) |
| Management_suite | Baramundi | 8.9 (including) | 8.9 (including) |