Cleartext Storage of System Password Information in Insyde InsydeH2O

Cleartext Storage of System Password Information in Insyde InsydeH2O

CVE-2023-31041 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure.

Learn more about our Web Application Penetration Testing UK.