{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-01-22T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and including 10.25 and all 11.x up to and including 11.14 are verified to be affected."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-03-15T09:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://rastamouse.me/guff/2016/automize/"}, {"name": "96848", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96848"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10102", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and including 10.25 and all 11.x up to and including 11.14 are verified to be affected."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://rastamouse.me/guff/2016/automize/", "refsource": "MISC", "url": "https://rastamouse.me/guff/2016/automize/"}, {"name": "96848", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96848"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T03:07:32.119Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://rastamouse.me/guff/2016/automize/"}, {"name": "96848", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/96848"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10102", "datePublished": "2017-01-23T06:49:00.000Z", "dateReserved": "2017-01-02T00:00:00.000Z", "dateUpdated": "2024-08-06T03:07:32.119Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hiteksoftware:automize:10.00:*:*:*:*:*:*:*", "matchCriteriaId": "3A7C2457-43EB-4486-A120-B7D459FC279B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.01:*:*:*:*:*:*:*", "matchCriteriaId": "35EAE4F6-29CE-4D20-8567-2220905A4783", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.02:*:*:*:*:*:*:*", "matchCriteriaId": "722B055A-E157-46AA-9919-0BE7491B15E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.03:*:*:*:*:*:*:*", "matchCriteriaId": "3913B250-2602-4943-A45E-407118445FBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.04:*:*:*:*:*:*:*", "matchCriteriaId": "6727427E-834D-42A8-8182-2C5FDFE520C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.05:*:*:*:*:*:*:*", "matchCriteriaId": "052CF7DA-98F0-4390-8FAE-5AF5F42708EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.06:*:*:*:*:*:*:*", "matchCriteriaId": "A83DAF2F-569D-433B-85E1-138AEADF4E0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.07:*:*:*:*:*:*:*", "matchCriteriaId": "42CC6578-8DFA-4500-AF77-9DC73834C8E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.08:*:*:*:*:*:*:*", "matchCriteriaId": "7AC7B1FF-1FB4-423C-BD9D-75DD6B6E66E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.09:*:*:*:*:*:*:*", "matchCriteriaId": "EEAC4542-BC4D-4DEA-8D7B-C750951E825F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.11:*:*:*:*:*:*:*", "matchCriteriaId": "974AA5EF-9670-4DC6-89A2-DEDA3B3276D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.12:*:*:*:*:*:*:*", "matchCriteriaId": "DA0C77C1-D835-4539-809C-1D6E805D40AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.13:*:*:*:*:*:*:*", "matchCriteriaId": "E9FEEFF2-DB6B-472C-B2B7-C7C1D22DBA4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.14:*:*:*:*:*:*:*", "matchCriteriaId": "DA79A04C-D25D-4D3E-B131-D4249EE0DA4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.15:*:*:*:*:*:*:*", "matchCriteriaId": "474F086B-D331-498F-9313-159BC005BB17", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.16:*:*:*:*:*:*:*", "matchCriteriaId": "A17B080F-E6A3-4A3D-B600-22466C45C82C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.17:*:*:*:*:*:*:*", "matchCriteriaId": "A464860D-5D5D-4065-A7C6-BBE5DC9139D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.18:*:*:*:*:*:*:*", "matchCriteriaId": "AF9197BC-92AB-4927-8805-494B39A2953A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.19:*:*:*:*:*:*:*", "matchCriteriaId": "1B27121A-7B58-4548-935F-57C1FF187EE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.20:*:*:*:*:*:*:*", "matchCriteriaId": "073ED514-E2CC-4D18-A9F4-9654E9161727", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.21:*:*:*:*:*:*:*", "matchCriteriaId": "9D27D639-94D1-4BDE-AD4E-AEB37AFABCE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.22:*:*:*:*:*:*:*", "matchCriteriaId": "43826AA5-62A0-4452-8EC4-098982867CA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.23:*:*:*:*:*:*:*", "matchCriteriaId": "DDEA6E6A-D111-4320-BF3A-E5B7CC397423", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.24:*:*:*:*:*:*:*", "matchCriteriaId": "63FADFB7-14A0-4C13-8853-40EACFBDBD85", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.25:*:*:*:*:*:*:*", "matchCriteriaId": "3F80CAE4-2A0D-4805-AAC3-0FFD44D39F78", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "61137963-5766-4F2E-B4A2-EDA5A4469720", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.01:*:*:*:*:*:*:*", "matchCriteriaId": "C7682507-9EA1-468D-8D8C-7060F068EA61", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.02:*:*:*:*:*:*:*", "matchCriteriaId": "BF9EAFEE-3A59-4350-903E-D46AC9185FFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.03:*:*:*:*:*:*:*", "matchCriteriaId": "0CD5DD65-A3DB-4F3F-A8CE-DEF6185D5648", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.04:*:*:*:*:*:*:*", "matchCriteriaId": "00C18571-A34F-4B61-B7FA-3649E31BA513", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.05:*:*:*:*:*:*:*", "matchCriteriaId": "7F7BE139-0DC5-4008-A974-D1A01E1758EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.06:*:*:*:*:*:*:*", "matchCriteriaId": "449AC115-FF3D-4D40-9D8A-8439625D3410", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.07:*:*:*:*:*:*:*", "matchCriteriaId": "84A099DF-F17F-47A3-A17E-C397445A3430", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.08:*:*:*:*:*:*:*", "matchCriteriaId": "4E680BB2-8E4B-407E-813E-661D8880DF5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.09:*:*:*:*:*:*:*", "matchCriteriaId": "0A1EF835-E571-4985-96DC-1703BF3F3BFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "E7C74206-9610-4725-8AB9-CEBD6213DD07", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.12:*:*:*:*:*:*:*", "matchCriteriaId": "E4830A80-D9A8-48CB-B5AE-A36FB0BE7EB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.13:*:*:*:*:*:*:*", "matchCriteriaId": "E3FC908B-E1A7-4ED8-B6D2-A46CE87B96A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.14:*:*:*:*:*:*:*", "matchCriteriaId": "90166099-D6E9-4346-9C24-1E2CB3FC2455", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and including 10.25 and all 11.x up to and including 11.14 are verified to be affected."}, {"lang": "es", "value": "hitek.jar en Hitek Software's Automize utiliza cifrado d\u00e9bil al cifrar las contrase\u00f1as de los perfiles SSH/SFTP y Encryption. Esto permite a un atacante recuperar las contrase\u00f1as cifradas de sshProfiles.jsd y encryptionProfiles.jsd y descifrarlas para recuperar contrase\u00f1as de texto plano. Todas las versiones 10.x hasta la 10.25 inclusive y todas las versiones 11.x hasta la 11.14 inclusive se verifican afectadas."}], "id": "CVE-2016-10102", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-23T07:59:00.220", "references": [{"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/96848"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://rastamouse.me/guff/2016/automize/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/96848"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://rastamouse.me/guff/2016/automize/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-326"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}