CVE-2016-10104 - Vulnerability Details

Vendors	Products
Hiteksoftware	Automize

Link	Providers
http://www.securityfocus.com/bid/96845
https://rastamouse.me/guff/2016/automize/

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-01-22T00:00:00", "descriptions": [{"lang": "en", "value": "Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-03-15T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://rastamouse.me/guff/2016/automize/"}, {"name": "96845", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96845"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10104", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://rastamouse.me/guff/2016/automize/", "refsource": "MISC", "url": "https://rastamouse.me/guff/2016/automize/"}, {"name": "96845", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96845"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T03:07:32.122Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://rastamouse.me/guff/2016/automize/"}, {"name": "96845", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/96845"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10104", "datePublished": "2017-01-23T06:49:00", "dateReserved": "2017-01-02T00:00:00", "dateUpdated": "2024-08-06T03:07:32.122Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2017-01-22T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-03-15T09:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : https://rastamouse.me/guff/2016/automize/ (string)

}

1 : { »

name : 96845 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/96845 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2016-10104 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://rastamouse.me/guff/2016/automize/ (string)

refsource : MISC (string)

url : https://rastamouse.me/guff/2016/automize/ (string)

}

1 : { »

name : 96845 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/96845 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T03:07:32.122Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : https://rastamouse.me/guff/2016/automize/ (string)

}

1 : { »

name : 96845 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/96845 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2016-10104 (string)

datePublished : 2017-01-23T06:49:00 (string)

dateReserved : 2017-01-02T00:00:00 (string)

dateUpdated : 2024-08-06T03:07:32.122Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hiteksoftware:automize:10.00:*:*:*:*:*:*:*", "matchCriteriaId": "3A7C2457-43EB-4486-A120-B7D459FC279B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.01:*:*:*:*:*:*:*", "matchCriteriaId": "35EAE4F6-29CE-4D20-8567-2220905A4783", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.02:*:*:*:*:*:*:*", "matchCriteriaId": "722B055A-E157-46AA-9919-0BE7491B15E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.03:*:*:*:*:*:*:*", "matchCriteriaId": "3913B250-2602-4943-A45E-407118445FBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.04:*:*:*:*:*:*:*", "matchCriteriaId": "6727427E-834D-42A8-8182-2C5FDFE520C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.05:*:*:*:*:*:*:*", "matchCriteriaId": "052CF7DA-98F0-4390-8FAE-5AF5F42708EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.06:*:*:*:*:*:*:*", "matchCriteriaId": "A83DAF2F-569D-433B-85E1-138AEADF4E0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.07:*:*:*:*:*:*:*", "matchCriteriaId": "42CC6578-8DFA-4500-AF77-9DC73834C8E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.08:*:*:*:*:*:*:*", "matchCriteriaId": "7AC7B1FF-1FB4-423C-BD9D-75DD6B6E66E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.09:*:*:*:*:*:*:*", "matchCriteriaId": "EEAC4542-BC4D-4DEA-8D7B-C750951E825F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.11:*:*:*:*:*:*:*", "matchCriteriaId": "974AA5EF-9670-4DC6-89A2-DEDA3B3276D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.12:*:*:*:*:*:*:*", "matchCriteriaId": "DA0C77C1-D835-4539-809C-1D6E805D40AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.13:*:*:*:*:*:*:*", "matchCriteriaId": "E9FEEFF2-DB6B-472C-B2B7-C7C1D22DBA4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.14:*:*:*:*:*:*:*", "matchCriteriaId": "DA79A04C-D25D-4D3E-B131-D4249EE0DA4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.15:*:*:*:*:*:*:*", "matchCriteriaId": "474F086B-D331-498F-9313-159BC005BB17", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.16:*:*:*:*:*:*:*", "matchCriteriaId": "A17B080F-E6A3-4A3D-B600-22466C45C82C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.17:*:*:*:*:*:*:*", "matchCriteriaId": "A464860D-5D5D-4065-A7C6-BBE5DC9139D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.18:*:*:*:*:*:*:*", "matchCriteriaId": "AF9197BC-92AB-4927-8805-494B39A2953A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.19:*:*:*:*:*:*:*", "matchCriteriaId": "1B27121A-7B58-4548-935F-57C1FF187EE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.20:*:*:*:*:*:*:*", "matchCriteriaId": "073ED514-E2CC-4D18-A9F4-9654E9161727", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.21:*:*:*:*:*:*:*", "matchCriteriaId": "9D27D639-94D1-4BDE-AD4E-AEB37AFABCE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.22:*:*:*:*:*:*:*", "matchCriteriaId": "43826AA5-62A0-4452-8EC4-098982867CA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.23:*:*:*:*:*:*:*", "matchCriteriaId": "DDEA6E6A-D111-4320-BF3A-E5B7CC397423", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.24:*:*:*:*:*:*:*", "matchCriteriaId": "63FADFB7-14A0-4C13-8853-40EACFBDBD85", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.25:*:*:*:*:*:*:*", "matchCriteriaId": "3F80CAE4-2A0D-4805-AAC3-0FFD44D39F78", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "61137963-5766-4F2E-B4A2-EDA5A4469720", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.01:*:*:*:*:*:*:*", "matchCriteriaId": "C7682507-9EA1-468D-8D8C-7060F068EA61", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.02:*:*:*:*:*:*:*", "matchCriteriaId": "BF9EAFEE-3A59-4350-903E-D46AC9185FFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.03:*:*:*:*:*:*:*", "matchCriteriaId": "0CD5DD65-A3DB-4F3F-A8CE-DEF6185D5648", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.04:*:*:*:*:*:*:*", "matchCriteriaId": "00C18571-A34F-4B61-B7FA-3649E31BA513", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.05:*:*:*:*:*:*:*", "matchCriteriaId": "7F7BE139-0DC5-4008-A974-D1A01E1758EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.06:*:*:*:*:*:*:*", "matchCriteriaId": "449AC115-FF3D-4D40-9D8A-8439625D3410", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.07:*:*:*:*:*:*:*", "matchCriteriaId": "84A099DF-F17F-47A3-A17E-C397445A3430", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.08:*:*:*:*:*:*:*", "matchCriteriaId": "4E680BB2-8E4B-407E-813E-661D8880DF5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.09:*:*:*:*:*:*:*", "matchCriteriaId": "0A1EF835-E571-4985-96DC-1703BF3F3BFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "E7C74206-9610-4725-8AB9-CEBD6213DD07", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.12:*:*:*:*:*:*:*", "matchCriteriaId": "E4830A80-D9A8-48CB-B5AE-A36FB0BE7EB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.13:*:*:*:*:*:*:*", "matchCriteriaId": "E3FC908B-E1A7-4ED8-B6D2-A46CE87B96A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.14:*:*:*:*:*:*:*", "matchCriteriaId": "90166099-D6E9-4346-9C24-1E2CB3FC2455", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14."}, {"lang": "es", "value": "Puede ocurrir divulgaci\u00f3n de informaci\u00f3n en sshProfiles.jsd en Hitek Software's Automize debido a que el que el atributo Leer se establece para Usuarios. Esto permite a un atacante recuperar contrase\u00f1as cifradas para perfiles SSH/SFTP. Se verifica en todas las versiones hasta la 10.x incluyendo la 10.25 y todas las versiones hasta la 11.x incluyendo la 11.14."}], "id": "CVE-2016-10104", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-23T07:59:00.283", "references": [{"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/96845"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://rastamouse.me/guff/2016/automize/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/96845"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://rastamouse.me/guff/2016/automize/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-326"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.00:*:*:*:*:*:*:* (string)

matchCriteriaId : 3A7C2457-43EB-4486-A120-B7D459FC279B (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.01:*:*:*:*:*:*:* (string)

matchCriteriaId : 35EAE4F6-29CE-4D20-8567-2220905A4783 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.02:*:*:*:*:*:*:* (string)

matchCriteriaId : 722B055A-E157-46AA-9919-0BE7491B15E0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.03:*:*:*:*:*:*:* (string)

matchCriteriaId : 3913B250-2602-4943-A45E-407118445FBB (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.04:*:*:*:*:*:*:* (string)

matchCriteriaId : 6727427E-834D-42A8-8182-2C5FDFE520C0 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.05:*:*:*:*:*:*:* (string)

matchCriteriaId : 052CF7DA-98F0-4390-8FAE-5AF5F42708EC (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.06:*:*:*:*:*:*:* (string)

matchCriteriaId : A83DAF2F-569D-433B-85E1-138AEADF4E0C (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.07:*:*:*:*:*:*:* (string)

matchCriteriaId : 42CC6578-8DFA-4500-AF77-9DC73834C8E8 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.08:*:*:*:*:*:*:* (string)

matchCriteriaId : 7AC7B1FF-1FB4-423C-BD9D-75DD6B6E66E6 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.09:*:*:*:*:*:*:* (string)

matchCriteriaId : EEAC4542-BC4D-4DEA-8D7B-C750951E825F (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.11:*:*:*:*:*:*:* (string)

matchCriteriaId : 974AA5EF-9670-4DC6-89A2-DEDA3B3276D8 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.12:*:*:*:*:*:*:* (string)

matchCriteriaId : DA0C77C1-D835-4539-809C-1D6E805D40AD (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.13:*:*:*:*:*:*:* (string)

matchCriteriaId : E9FEEFF2-DB6B-472C-B2B7-C7C1D22DBA4C (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.14:*:*:*:*:*:*:* (string)

matchCriteriaId : DA79A04C-D25D-4D3E-B131-D4249EE0DA4F (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.15:*:*:*:*:*:*:* (string)

matchCriteriaId : 474F086B-D331-498F-9313-159BC005BB17 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.16:*:*:*:*:*:*:* (string)

matchCriteriaId : A17B080F-E6A3-4A3D-B600-22466C45C82C (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.17:*:*:*:*:*:*:* (string)

matchCriteriaId : A464860D-5D5D-4065-A7C6-BBE5DC9139D1 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.18:*:*:*:*:*:*:* (string)

matchCriteriaId : AF9197BC-92AB-4927-8805-494B39A2953A (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.19:*:*:*:*:*:*:* (string)

matchCriteriaId : 1B27121A-7B58-4548-935F-57C1FF187EE6 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.20:*:*:*:*:*:*:* (string)

matchCriteriaId : 073ED514-E2CC-4D18-A9F4-9654E9161727 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.21:*:*:*:*:*:*:* (string)

matchCriteriaId : 9D27D639-94D1-4BDE-AD4E-AEB37AFABCE4 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.22:*:*:*:*:*:*:* (string)

matchCriteriaId : 43826AA5-62A0-4452-8EC4-098982867CA1 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.23:*:*:*:*:*:*:* (string)

matchCriteriaId : DDEA6E6A-D111-4320-BF3A-E5B7CC397423 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.24:*:*:*:*:*:*:* (string)

matchCriteriaId : 63FADFB7-14A0-4C13-8853-40EACFBDBD85 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:10.25:*:*:*:*:*:*:* (string)

matchCriteriaId : 3F80CAE4-2A0D-4805-AAC3-0FFD44D39F78 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.00:*:*:*:*:*:*:* (string)

matchCriteriaId : 61137963-5766-4F2E-B4A2-EDA5A4469720 (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.01:*:*:*:*:*:*:* (string)

matchCriteriaId : C7682507-9EA1-468D-8D8C-7060F068EA61 (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.02:*:*:*:*:*:*:* (string)

matchCriteriaId : BF9EAFEE-3A59-4350-903E-D46AC9185FFE (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.03:*:*:*:*:*:*:* (string)

matchCriteriaId : 0CD5DD65-A3DB-4F3F-A8CE-DEF6185D5648 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.04:*:*:*:*:*:*:* (string)

matchCriteriaId : 00C18571-A34F-4B61-B7FA-3649E31BA513 (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.05:*:*:*:*:*:*:* (string)

matchCriteriaId : 7F7BE139-0DC5-4008-A974-D1A01E1758EC (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.06:*:*:*:*:*:*:* (string)

matchCriteriaId : 449AC115-FF3D-4D40-9D8A-8439625D3410 (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.07:*:*:*:*:*:*:* (string)

matchCriteriaId : 84A099DF-F17F-47A3-A17E-C397445A3430 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.08:*:*:*:*:*:*:* (string)

matchCriteriaId : 4E680BB2-8E4B-407E-813E-661D8880DF5C (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.09:*:*:*:*:*:*:* (string)

matchCriteriaId : 0A1EF835-E571-4985-96DC-1703BF3F3BFC (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.11:*:*:*:*:*:*:* (string)

matchCriteriaId : E7C74206-9610-4725-8AB9-CEBD6213DD07 (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.12:*:*:*:*:*:*:* (string)

matchCriteriaId : E4830A80-D9A8-48CB-B5AE-A36FB0BE7EB3 (string)

vulnerable : true (boolean)

}

37 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.13:*:*:*:*:*:*:* (string)

matchCriteriaId : E3FC908B-E1A7-4ED8-B6D2-A46CE87B96A1 (string)

vulnerable : true (boolean)

}

38 : { »

criteria : cpe:2.3:a:hiteksoftware:automize:11.14:*:*:*:*:*:*:* (string)

matchCriteriaId : 90166099-D6E9-4346-9C24-1E2CB3FC2455 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14. (string)

}

1 : { »

lang : es (string)

value : Puede ocurrir divulgación de información en sshProfiles.jsd en Hitek Software's Automize debido a que el que el atributo Leer se establece para Usuarios. Esto permite a un atacante recuperar contraseñas cifradas para perfiles SSH/SFTP. Se verifica en todas las versiones hasta la 10.x incluyendo la 10.25 y todas las versiones hasta la 11.x incluyendo la 11.14. (string)

}

]

id : CVE-2016-10104 (string)

lastModified : 2025-04-20T01:37:25.860 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 5.9 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.0 (string)

}

exploitabilityScore : 2.2 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2017-01-23T07:59:00.283 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/bid/96845 (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://rastamouse.me/guff/2016/automize/ (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/96845 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : https://rastamouse.me/guff/2016/automize/ (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-326 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object