CVE-2001-1536
7.5
CVSS Score
High
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Link copied!
Description
Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected Software Configurations
- a audiogalaxy audiogalaxy - * * * * * * *
Weaknesses (CWE)
- CWE-312
References & External Links
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2001-11/0225.html
- http://www.iss.net/security_center/static/7621.php
- http://www.securityfocus.com/bid/3587
- http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2001-11/0225.html
- http://www.iss.net/security_center/static/7621.php
- http://www.securityfocus.com/bid/3587