An issue was discovered in Psyprax beforee 3.2.2. Passwords used to encrypt the data are stored in the database in an obfuscated format, which can be easily reverted. For example, the password AAAAAAAA is stored in the database as MMMMMMMM.
References
Link | Resource |
---|---|
https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax | Third Party Advisory |
Configurations
History
08 Feb 2021, 20:21
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CPE | cpe:2.3:a:psyprax:psyprax:*:*:*:*:*:*:*:* | |
CWE | CWE-327 | |
References | (MISC) https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax - Third Party Advisory |
05 Feb 2021, 20:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-02-05 20:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-10554
Mitre link : CVE-2020-10554
CVE.ORG link : CVE-2020-10554
JSON object : View
Products Affected
psyprax
- psyprax