Security Advisory

CVE-2019-3937

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-04-30 20:38:24

Last updated 2024-08-04 19:26:27

Assigner tenable

State PUBLISHED

Description

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf. A local attacker can use this vulnerability to recover sensitive data.

← Browse all CVEs View on cve.org ↗