CVE-2019-7667
- Reference to the description:
- Description:
- Prima Systems FlexAir, Versions 2.3.38 and prior. The application generates database backup files with a predictable name, and an attacker can use brute force to identify the database backup file name. A malicious actor can exploit this issue to download the database file and disclose login information, which can allow the attacker to bypass authentication and have full access to the system.
- Last updated date:
- 10/21/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/21/2022