Vulnerability CVE-2024-36497


Published: 2024-06-24

Description:
The decrypted configuration file contains the password in cleartext
which is used to configure WINSelect. It can be used to remove the
existing restrictions and disable WINSelect entirely.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Faronics WINSelect Hardcoded Credentials / Bad Permissions / Unhashed Password
Daniel Hirschber...
26.06.2024

 References:
https://r.sec-consult.com/winselect
https://www.faronics.com/en-uk/document-library/document/winselect-standard-release-notes

Copyright 2024, cxsecurity.com

 

Back to Top