CVE-2020-9403

MEDIUM

PACTware < 4.1 SP6 and 5.0-5.0.5.31 - Insufficiently Protected Credentials

Title source: llm

Description

In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in a recoverable format, and may be retrieved by any user with access to the PACTware workstation.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://pactware.com/fileadmin/user_upload/Cyber-Security-Documents/2020-05-29_published_PWC_CyberSecurityNotifications-CVE-2020-9403-9404__002_.pdf

Scores

CVSS v3 5.5

EPSS 0.0029

EPSS Percentile 20.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-522

Status published

Products (5)

pactware/pactware 2.4 sp4

pactware/pactware 3.0 sp5

pactware/pactware 3.5

pactware/pactware 3.6 sp1

pactware/pactware 5.0 - 5.0.5.31

Published Aug 11, 2020

Tracked Since Feb 18, 2026