Cleartext Storage of Username and Password in Finrota’s Netahsilat

July 4, 2025 invoker category_cve

CVE Details

Basic Information

Title Cleartext Storage of Username and Password in Finrota’s Netahsilat
Type cve
Published 2024-10-04T11:12:30.441Z
Modified 2024-10-04T13:59:57.999Z

Product Information

Vendor Finrota
Product Netahsilat
Version 1.23.11

CVSS Information

Base Score 8.2 (HIGH)
Attack Vector CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:L/VA:L/SC:H/SI:N/SA:N

AI Analysis

AI Description A vulnerability in Finrota’s Netahsilat allows the storage of username and password in cleartext, which could expose sensitive information. This issue has been resolved in versions 1.21.10, 1.23.01, 1.23.08, 1.23.11, and 1.24.03.
AI Severity High
AI Vendor Finrota
AI Product Netahsilat
AI Version 1.21.10, 1.23.01, 1.23.08, 1.23.11, 1.24.03

Additional Information

CWE List CWE-312, CWE-311, CWE-202
Source TR-CERT

Description

Cleartext Storage of Sensitive Information vulnerability in Finrota Netahsilat allows Retrieve Embedded Sensitive Data. This issue solved in versions 1.21.10, 1.23.01, 1.23.08, 1.23.11 and 1.24.03.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.