Cleartext Storage of Credentials in Baramundi Management Suite

Cleartext Storage of Credentials in Baramundi Management Suite

CVE-2013-3624 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:N/A:N

The OS deployment feature in Baramundi Management Suite 7.5 through 8.9 stores credentials in cleartext on deployed machines, which allows remote attackers to obtain sensitive information by reading a file. NOTE: this ID was also incorrectly mapped to a separate issue in Oracle Outside In, but the correct ID for that issue is CVE-2013-5763.

Learn more about our Web Application Penetration Testing UK.