CVE-2009-1466

EUVD-2009-1464
Application Access Server (A-A-S) 2.0.48 stores (1) passwords and (2) the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
Affected Products (NVD)
VendorProductVersion
klinzmannapplication_access_server
2.0.48
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://securitytracker.com/id?1022204
http://www.securityfocus.com/archive/1/503434/100/0/threaded
http://www.securityfocus.com/bid/34911
http://www.syhunt.com/advisories/?id=aas-multiple
https://exchange.xforce.ibmcloud.com/vulnerabilities/50590
http://securitytracker.com/id?1022204
http://www.securityfocus.com/archive/1/503434/100/0/threaded
http://www.securityfocus.com/bid/34911
http://www.syhunt.com/advisories/?id=aas-multiple
https://exchange.xforce.ibmcloud.com/vulnerabilities/50590