Cleartext SQL Server Credentials Disclosure in ReadyDesk 9.1

Cleartext SQL Server Credentials Disclosure in ReadyDesk 9.1

CVE-2016-5683 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

ReadyDesk 9.1 allows local users to determine cleartext SQL Server credentials by reading the SQL_Config.aspx file and decrypting data with a hardcoded key in the ReadyDesk.dll file.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.