CRITICAL🇵🇱 Wersja polska

CVE-2019-3947

CVSS 9.8v3.0pub. 2019-06-12upd. 2024-11-21

Fuji Electric V-Server before 6.0.33.0 stores database credentials in project files as plaintext. An attacker that can gain access to the project file can recover the database credentials and gain access to the database server.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Fujielectric V Server

    APP
    Fujielectric
    < 6.0.33.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2019-18240CRITICAL9.8ten sam produkt

In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may...

CVE-2018-14809CRITICAL9.8ten sam produkt

Fuji Electric V-Server 4.0.3.0 and prior, A use after free vulnerability has been identified, which may allow ...

CVE-2018-14811CRITICAL9.8ten sam produkt

Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted pointer dereference vulnerabilities have been ide...

CVE-2018-14813CRITICAL9.8ten sam produkt

Fuji Electric V-Server 4.0.3.0 and prior, A heap-based buffer overflow vulnerability has been identified, whic...

CVE-2018-14815CRITICAL9.8ten sam produkt

Fuji Electric V-Server 4.0.3.0 and prior, Several out-of-bounds write vulnerabilities have been identified, wh...