First published: Thu Oct 26 2023(Updated: )
An issue was discovered in eGroupWare 17.1.20190111. An Improper Password Storage vulnerability affects the setup panel of under setup/manageheader.php, which allows authenticated remote attackers with administrator credentials to read a cleartext database password.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Egroupware Egroupware | =17.1.20190111 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue in eGroupWare is CVE-2023-38328.
The severity of CVE-2023-38328 in eGroupWare is medium.
The vulnerability in eGroupWare allows authenticated remote attackers with administrator credentials to read a cleartext database password in the setup panel of manageheader.php.
The version affected by CVE-2023-38328 is eGroupWare 17.1.20190111.
It is recommended to update to a patched version of eGroupWare to fix this vulnerability.