CVE Vulnerabilities

CVE-2019-11092

Insufficiently Protected Credentials

Published: Jun 13, 2019 | Modified: Mar 24, 2023
CVSS 3.x
4.4
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVSS 2.x
3.6 LOW
AV:L/AC:L/Au:N/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access.

Weakness

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Affected Software

Name Vendor Start Version End Version
Open_cloud_integrity_tehnology Intel - (including) - (including)
Openattestation Intel - (including) - (including)

Potential Mitigations

References