Security Advisory

CVE-2022-22789

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-25 19:11:08

Last updated 2024-08-03 03:21:49

Assigner INCD

State PUBLISHED

Description

Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and update) passwords file for all the users. The xx_users.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existing password in the file.

← Browse all CVEs View on cve.org ↗