- Description
- Hotline Client 1.8.5 stores sensitive user information, including passwords, in plaintext in the bookmarks file, which could allow local users with access to the bookmarks file to gain privileges by extracting the passwords.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 6.4
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hotline_communications:hotline_connect:1.8.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0544842B-7E65-499B-857E-A2EED39DDCB8"
}
],
"operator": "OR"
}
]
}
]