Insecure Storage and Transmission of Credentials in TotalAlert Web Application

Insecure Storage and Transmission of Credentials in TotalAlert Web Application

CVE-2018-7518 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner.

Learn more about our Web App Pen Testing.