First published: Mon Feb 13 2023(Updated: )
Driver Distributor v2.2.3.1 and earlier contains a vulnerability where passwords are stored in a recoverable format. If an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Fujifilm Driver Distributor | <=2.2.3.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2022-43460.
The severity of CVE-2022-43460 is high (CVSS score: 7.5).
The affected software version of CVE-2022-43460 is Driver Distributor v2.2.3.1 and earlier.
The impact of CVE-2022-43460 is that if an attacker obtains a configuration file of Driver Distributor, the encrypted administrator's credentials may be decrypted.
Yes, there is a fix available for CVE-2022-43460. It is recommended to update to a fixed version of Driver Distributor.