Critical Security Vulnerability in Sera 1.2: Plain Text Storage of User Login Passwords

Critical Security Vulnerability in Sera 1.2: Plain Text Storage of User Login Passwords

CVE-2017-15918 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and system keychains to local attacks.

Learn more about our User Device Pen Test.