CVE-2000-0434
CVSS 2.0 Score 7.5 of 10 (high)
Details
Summary
CVE-2000-0434 is a vulnerability affecting the Allmanage web site administration software. The issue lies in the fact that the administrative password is stored in plaintext in a file that can be accessed remotely, making it susceptible to attacks from unauthorized users. This weakness exposes the administrative interface to potential takeover, allowing attackers to modify site settings, install malware, or gain further access to the underlying system. The plaintext password storage is a significant security oversight, increasing the risk of data breaches and unauthorized access. Users are urged to update or replace the software to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.