RSS   Vulnerabilities for 'Portier'   RSS

2019-03-21
 
CVE-2019-5723

CWE-326
 

 
An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Passwords are stored using reversible encryption rather than as a hash value, and the used Vigenere algorithm is badly outdated. Moreover, the encryption key is static and too short. Due to this, the passwords stored by the application can be easily decrypted.

 
 
CVE-2019-5722

CWE-89
 

 
An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Due to a lack of user input validation in parameter handling, it has various SQL injections, including on the login form, and on the search form for a key ring number.

 


Copyright 2024, cxsecurity.com

 

Back to Top