An Information Disclosure issue in Verodin Director 3.5.3.1 and earlier reveals usernames and passwords of integrated security technologies via a /integrations.json JSON REST API request.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/156214/Verodin-Director-Web-Console-3.5.4.0-Password-Disclosure.html | Exploit Third Party Advisory VDB Entry |
http://www.nolanbkennedy.com/post/cve-2019-10716-information-disclosure-verodin-director | Exploit Third Party Advisory |
https://www.verodin.com/ | Product |
https://www.verodin.com/technology/platform | Product |
http://packetstormsecurity.com/files/156214/Verodin-Director-Web-Console-3.5.4.0-Password-Disclosure.html | Exploit Third Party Advisory VDB Entry |
http://www.nolanbkennedy.com/post/cve-2019-10716-information-disclosure-verodin-director | Exploit Third Party Advisory |
https://www.verodin.com/ | Product |
https://www.verodin.com/technology/platform | Product |
Configurations
History
21 Nov 2024, 04:19
Type | Values Removed | Values Added |
---|---|---|
References | () http://packetstormsecurity.com/files/156214/Verodin-Director-Web-Console-3.5.4.0-Password-Disclosure.html - Exploit, Third Party Advisory, VDB Entry | |
References | () http://www.nolanbkennedy.com/post/cve-2019-10716-information-disclosure-verodin-director - Exploit, Third Party Advisory | |
References | () https://www.verodin.com/ - Product | |
References | () https://www.verodin.com/technology/platform - Product |
01 Jan 2022, 20:11
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/156214/Verodin-Director-Web-Console-3.5.4.0-Password-Disclosure.html - Exploit, Third Party Advisory, VDB Entry | |
CWE | CWE-269 |
Information
Published : 2019-10-21 00:15
Updated : 2024-11-21 04:19
NVD link : CVE-2019-10716
Mitre link : CVE-2019-10716
CVE.ORG link : CVE-2019-10716
JSON object : View
Products Affected
verodin
- director
CWE
CWE-269
Improper Privilege Management