Default Access to Firebird Database in Psyprax

Default Access to Firebird Database in Psyprax

CVE-2020-10552 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the default user sysdba and password masterke after installation. This allows any user to access it and read and modify the contents, including passwords. Local database files can be accessed directly as well.

Learn more about our User Device Pen Test.