CVE-2021-35193 – Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certif …

30 July 2021

Vuln ID: CVE-2021-35193

Published: 2021-07-30 19:15:09Z

Description: Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers’ installations (that have the same software version). This provides remote access to SQL database credentials. (In the normal use of the product, retrieving those credentials only occurs after a username/password authentication step; however, this authentication step is on the client side, and an attacker can develop their own client that skips this step.)

Source: NVD.NIST.GOV

Date:

30 July 2021

Categorie(s):

NVD

Tag(s):

NVD

Millions of Malicious Containers Found on Docker Hub30 April 2024
Disinformation: EU Opens Probe Against Facebook and Instagram Ahead of Election30 April 2024
FCC fines major wireless carriers over illegal location data sharing30 April 2024
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades30 April 2024
Palo Alto Networks launches Prisma SASE 3.0 for enhanced device security30 April 2024