CVE-2009-2312

high

Description

SmartFilter Web Gateway Security 4.2.1.00 stores user credentials in cleartext in config.txt and uses insecure permissions for this file, which allows local users to gain privileges.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/49338

http://secunia.com/advisories/34390

http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0314.html

Details

Source: Mitre, NVD

Published: 2009-07-02

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00044