CVE Vulnerabilities

CVE-2022-2569

Cleartext Storage of Sensitive Information

Published: Aug 24, 2022 | Modified: Nov 21, 2024
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The affected device stores sensitive information in cleartext, which may allow an authenticated user to access session data stored in the OAuth database belonging to legitimate users

Weakness

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

Affected Software

Name Vendor Start Version End Version
Pcvue Arcinformatique * 12.0.27 (excluding)
Pcvue Arcinformatique 15 (including) 15.2.2 (including)

Potential Mitigations

References