Password Exposure in Cognito Software Moneyworks 8.0.3 and Earlier: Administrator Password Written to World-Readable File

Password Exposure in Cognito Software Moneyworks 8.0.3 and Earlier: Administrator Password Written to World-Readable File

CVE-2017-9615 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because verbose logging writes the administrator password to a world-readable file.

Learn more about our Web Application Penetration Testing UK.