Vulnerability Description
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tsplus | Tsplus Remote Work | <= 16.0.0.0 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/174271/TSPlus-16.0.0.0-Insecure-Credential-Third Party AdvisoryVDB Entry
- https://www.exploit-db.com/exploits/51681Third Party AdvisoryVDB Entry
- http://packetstormsecurity.com/files/174271/TSPlus-16.0.0.0-Insecure-Credential-Third Party AdvisoryVDB Entry
- https://www.exploit-db.com/exploits/51681Third Party AdvisoryVDB Entry
FAQ
What is CVE-2023-31069?
CVE-2023-31069 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.
How severe is CVE-2023-31069?
CVE-2023-31069 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-31069?
Check the references section above for vendor advisories and patch information. Affected products include: Tsplus Tsplus Remote Work.