CVE-2020-9403

MEDIUM

Pactware < 5.0.5.31 - Insufficiently Protected Credentials

Title source: rule

Description

In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in a recoverable format, and may be retrieved by any user with access to the PACTware workstation.

References (1)

[Vendor Advisory] https://pactware.com/fileadmin/user_upload/Cyber-Security-Documents/2020-05-29_published_PWC_CyberSecurityNotifications-CVE-2020-9403-9404__002_.pdf

Scores

CVSS v3 5.5

EPSS 0.0005

EPSS Percentile 15.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522

Status published

Affected Products (5)

pactware/pactware < 5.0.5.31

pactware/pactware

Timeline

Published Aug 11, 2020

Tracked Since Feb 18, 2026