CVE-2019-10716

An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request.
Configurations

Configuration 1 (hide)

cpe:2.3:a:verodin:director:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:19

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/156214/Verodin-Director-Web-Console-3.5.4.0-Password-Disclosure.html - Exploit, Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/156214/Verodin-Director-Web-Console-3.5.4.0-Password-Disclosure.html - Exploit, Third Party Advisory, VDB Entry
References () http://www.nolanbkennedy.com/post/cve-2019-10716-information-disclosure-verodin-director - Exploit, Third Party Advisory () http://www.nolanbkennedy.com/post/cve-2019-10716-information-disclosure-verodin-director - Exploit, Third Party Advisory
References () https://www.verodin.com/ - Product () https://www.verodin.com/ - Product
References () https://www.verodin.com/technology/platform - Product () https://www.verodin.com/technology/platform - Product

01 Jan 2022, 20:11

Type Values Removed Values Added
References (MISC) http://packetstormsecurity.com/files/156214/Verodin-Director-Web-Console-3.5.4.0-Password-Disclosure.html - (MISC) http://packetstormsecurity.com/files/156214/Verodin-Director-Web-Console-3.5.4.0-Password-Disclosure.html - Exploit, Third Party Advisory, VDB Entry
CWE CWE-522 CWE-269

Information

Published : 2019-10-21 00:15

Updated : 2024-11-21 04:19


NVD link : CVE-2019-10716

Mitre link : CVE-2019-10716

CVE.ORG link : CVE-2019-10716


JSON object : View

Products Affected

verodin

  • director
CWE
CWE-269

Improper Privilege Management