CVE-2016-10101

HIGH

Hitek Software Automize <11.x - Info Disclosure

Title source: llm
STIX 2.1

Description

Information Disclosure can occur in Hitek Software's Automize 10.x and 11.x passManager.jsd. Users have the Read attribute, which allows an attacker to recover the encrypted password to access the Password Manager.

References (2)

Core 2
Core References
Third Party Advisory x_refsource_misc
https://rastamouse.me/guff/2016/automize/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/96840

Scores

CVSS v3 8.1
EPSS 0.0060
EPSS Percentile 43.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-255 CWE-326
Status published
Products (40)
hiteksoftware/automize 10.00
hiteksoftware/automize 10.01
hiteksoftware/automize 10.02
hiteksoftware/automize 10.03
hiteksoftware/automize 10.04
hiteksoftware/automize 10.05
hiteksoftware/automize 10.06
hiteksoftware/automize 10.07
hiteksoftware/automize 10.08
hiteksoftware/automize 10.09
... and 30 more
Published Jan 23, 2017
Tracked Since Feb 18, 2026