← volver
CVE-2014-1217

CVE-2014-1217

EPSS 1.5%
Livetecs Timelive before 6.2.8 does not properly restrict access to systemsetting.aspx, which allows remote attackers to change configurations and obtain the database connection string and credentials via unspecified vectors.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://seclists.org/fulldisclosure/2014/Apr/259https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-1217/http://www.securityfocus.com/archive/1/531911/100/0/threadedhttp://www.securityfocus.com/bid/67043