CVE-2018-16498
First published: Wed May 26 2021(Updated: )
In Versa Director, the unencrypted backup files stored on the Versa deployment contain credentials stored within configuration files. These credentials are for various application components such as SNMP, and SSL and Trust keystores.
Credit: support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Versa Networks Versa Director |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-16498?
CVE-2018-16498 is classified as a medium severity vulnerability.
How do I fix CVE-2018-16498?
To fix CVE-2018-16498, ensure that all backup files are encrypted and sensitive credentials are not stored in configuration files.
What components are affected by CVE-2018-16498?
CVE-2018-16498 affects various application components such as SNMP and SSL Trust keystores within Versa Director.
What type of data is exposed in CVE-2018-16498?
CVE-2018-16498 exposes unencrypted backup files that contain sensitive credentials.
Is CVE-2018-16498 exploitable remotely?
CVE-2018-16498 may be exploitable if an unauthorized user has access to the backup files.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/versa-networks
- canonical/versa networks versa director