Cleartext Transmission and Storage of Sensitive Information in Delta Controls enteliTOUCH

Cleartext Transmission and Storage of Sensitive Information in Delta Controls enteliTOUCH

CVE-2022-29733 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Delta Controls enteliTOUCH 3.40.3935, 3.40.3706, and 3.33.4005 was discovered to transmit and store sensitive information in cleartext. This vulnerability allows attackers to intercept HTTP Cookie authentication credentials via a man-in-the-middle attack.

Learn more about our Web Application Penetration Testing UK.