Vulnerability Description
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as username and password in simple usb.xml. An attacker with physical access to the system can modify the file according his own requirements that may aid in further attack.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Usb Pratirodh Project | Usb Pratirodh | - |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/141651/USB-Pratirodh-Insecure-Password-StorThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2017/Mar/43Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/archive/1/540289/100/0/threaded
- http://www.securityfocus.com/bid/96970Third Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/141651/USB-Pratirodh-Insecure-Password-StorThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2017/Mar/43Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/archive/1/540289/100/0/threaded
- http://www.securityfocus.com/bid/96970Third Party AdvisoryVDB Entry
FAQ
What is CVE-2017-6911?
CVE-2017-6911 is a vulnerability with a CVSS score of 6.6 (MEDIUM). USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as username and password in simple usb.xml. An attacker with physical access to the system can modify t...
How severe is CVE-2017-6911?
CVE-2017-6911 has been rated MEDIUM with a CVSS base score of 6.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-6911?
Check the references section above for vendor advisories and patch information. Affected products include: Usb Pratirodh Project Usb Pratirodh.