CVE-2024-1346

medium

Description

Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants.

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-laborofficefree

Details

Source: Mitre, NVD

Published: 2024-02-19

Updated: 2024-02-20

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Severity: Medium

Detections

Analytics