CVE-2005-4860
HIGHSpectrum Cash Receipting System <6.504 - Privilege Escalation
Title source: llmDescription
Spectrum Cash Receipting System before 6.504 uses weak cryptography (static substitution) in the PASSFILE password file, which makes it easier for local users to gain privileges by decrypting a password.
References (3)
Core 3
Core References
Broken Link x_refsource_misc
http://www.portcullis.co.uk/uplds/advisories/Portcullis%20Security%20Advisory%2005-002%20Spectrum%20Cash%20Receipting%20System%20Weak%20Password%20Protection%20Vulnerability.txt
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/13985
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111229613907550&w=2
Scores
CVSS v3
7.8
EPSS
0.0020
EPSS Percentile
9.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-327
Status
published
Products (1)
spectrumcu/cash_receipting_system
< 6.504
Published
Dec 31, 2005
Tracked Since
Feb 18, 2026