CVE-2023-2335
27.04.2023, 18:15
Plaintext Password in Registry vulnerability in 42gears surelock windows surelockwinsetupv2.40.0.Exe on Windows (Registery modules) allows Retrieve Admin user credentials This issue affects surelock windows: from 2.3.12 through 2.40.0.Enginsight
| Vendor | Product | Version |
|---|---|---|
| 42gears | surelock | 2.3.12 ≤ 𝑥 ≤ 2.40.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-312 - Cleartext Storage of Sensitive InformationThe product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
- CWE-522 - Insufficiently Protected CredentialsThe product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.