ID:413 - Exploit for Authentication Bypass - CVE-2016-6434
Published: March 18, 2020
Vulnerability identifier: #VU783
Vulnerability risk: Low
CVE-ID: CVE-2016-6434
CWE-ID: CWE-287
Exploitation vector: Local access
Vulnerable software:
Link to public exploit:
Vulnerability description
The vulnerability allows a local authenticated user to bypass authentication and obtain potentially sensitive information.
The weakness is caused by using of constant credential by the database. If the authenticated user can access the command-line interface (CLI) for the target system he can get database information from a local shell.
Successful exploitation of the vulnerability lets a local attacker to bypass authentication and disclose important data on the vulnerable system.
The weakness is caused by using of constant credential by the database. If the authenticated user can access the command-line interface (CLI) for the target system he can get database information from a local shell.
Successful exploitation of the vulnerability lets a local attacker to bypass authentication and disclose important data on the vulnerable system.