Vulnerability Description
Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers to gain sensitive information.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jetbox | Jetbox One Cms | 2.0.8 |
References
- http://echo.or.id/adv/adv03-y3dips-2004.txt
- http://secunia.com/advisories/12230
- http://www.kb.cert.org/vuls/id/586720US Government Resource
- http://www.osvdb.org/8325
- http://www.securityfocus.com/archive/1/370852
- http://www.securityfocus.com/bid/10858
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16898
- http://echo.or.id/adv/adv03-y3dips-2004.txt
- http://secunia.com/advisories/12230
- http://www.kb.cert.org/vuls/id/586720US Government Resource
- http://www.osvdb.org/8325
- http://www.securityfocus.com/archive/1/370852
- http://www.securityfocus.com/bid/10858
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16898
FAQ
What is CVE-2004-1447?
CVE-2004-1447 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers to gain sensitive information.
How severe is CVE-2004-1447?
CVE-2004-1447 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1447?
Check the references section above for vendor advisories and patch information. Affected products include: Jetbox Jetbox One Cms.