ID:10641 - Exploit for Cleartext storage of sensitive information in Expedition - CVE-2024-9466

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:10641 - Exploit for Cleartext storage of sensitive information in Expedition - CVE-2024-9466

ID:10641 - Exploit for Cleartext storage of sensitive information in Expedition - CVE-2024-9466

Published: October 22, 2024


Vulnerability identifier: #VU98386
Vulnerability risk: Low
CVE-ID: CVE-2024-9466
CWE-ID: CWE-312
Exploitation vector: Local access
Vulnerable software:
Expedition

Link to public exploit:


Vulnerability description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to firewall usernames, passwords, and API keys generated using those credentials are stored in plain text on the system. A local user can obtain credentials of other users.



Remediation

Install updates from vendor's website.