Clear-text Storage of Proxy Authentication Credentials in BackWeb Client

Clear-text Storage of Proxy Authentication Credentials in BackWeb Client

CVE-1999-1277 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

BackWeb client stores the username and password in cleartext for proxy authentication in the Communication registry key, which could allow other local users to gain privileges by reading the password.

Learn more about our Web App Pen Testing.