{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-01-22T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for GPG Encryption profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-03-15T09:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://rastamouse.me/guff/2016/automize/"}, {"name": "96850", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/96850"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-10103", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for GPG Encryption profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://rastamouse.me/guff/2016/automize/", "refsource": "MISC", "url": "https://rastamouse.me/guff/2016/automize/"}, {"name": "96850", "refsource": "BID", "url": "http://www.securityfocus.com/bid/96850"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T03:07:32.131Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://rastamouse.me/guff/2016/automize/"}, {"name": "96850", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/96850"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-10103", "datePublished": "2017-01-23T06:49:00.000Z", "dateReserved": "2017-01-02T00:00:00.000Z", "dateUpdated": "2024-08-06T03:07:32.131Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hiteksoftware:automize:10.00:*:*:*:*:*:*:*", "matchCriteriaId": "3A7C2457-43EB-4486-A120-B7D459FC279B", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.01:*:*:*:*:*:*:*", "matchCriteriaId": "35EAE4F6-29CE-4D20-8567-2220905A4783", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.02:*:*:*:*:*:*:*", "matchCriteriaId": "722B055A-E157-46AA-9919-0BE7491B15E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.03:*:*:*:*:*:*:*", "matchCriteriaId": "3913B250-2602-4943-A45E-407118445FBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.04:*:*:*:*:*:*:*", "matchCriteriaId": "6727427E-834D-42A8-8182-2C5FDFE520C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.05:*:*:*:*:*:*:*", "matchCriteriaId": "052CF7DA-98F0-4390-8FAE-5AF5F42708EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.06:*:*:*:*:*:*:*", "matchCriteriaId": "A83DAF2F-569D-433B-85E1-138AEADF4E0C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.07:*:*:*:*:*:*:*", "matchCriteriaId": "42CC6578-8DFA-4500-AF77-9DC73834C8E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.08:*:*:*:*:*:*:*", "matchCriteriaId": "7AC7B1FF-1FB4-423C-BD9D-75DD6B6E66E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.09:*:*:*:*:*:*:*", "matchCriteriaId": "EEAC4542-BC4D-4DEA-8D7B-C750951E825F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.11:*:*:*:*:*:*:*", "matchCriteriaId": "974AA5EF-9670-4DC6-89A2-DEDA3B3276D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.12:*:*:*:*:*:*:*", "matchCriteriaId": "DA0C77C1-D835-4539-809C-1D6E805D40AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.13:*:*:*:*:*:*:*", "matchCriteriaId": "E9FEEFF2-DB6B-472C-B2B7-C7C1D22DBA4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.14:*:*:*:*:*:*:*", "matchCriteriaId": "DA79A04C-D25D-4D3E-B131-D4249EE0DA4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.15:*:*:*:*:*:*:*", "matchCriteriaId": "474F086B-D331-498F-9313-159BC005BB17", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.16:*:*:*:*:*:*:*", "matchCriteriaId": "A17B080F-E6A3-4A3D-B600-22466C45C82C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.17:*:*:*:*:*:*:*", "matchCriteriaId": "A464860D-5D5D-4065-A7C6-BBE5DC9139D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.18:*:*:*:*:*:*:*", "matchCriteriaId": "AF9197BC-92AB-4927-8805-494B39A2953A", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.19:*:*:*:*:*:*:*", "matchCriteriaId": "1B27121A-7B58-4548-935F-57C1FF187EE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.20:*:*:*:*:*:*:*", "matchCriteriaId": "073ED514-E2CC-4D18-A9F4-9654E9161727", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.21:*:*:*:*:*:*:*", "matchCriteriaId": "9D27D639-94D1-4BDE-AD4E-AEB37AFABCE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.22:*:*:*:*:*:*:*", "matchCriteriaId": "43826AA5-62A0-4452-8EC4-098982867CA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.23:*:*:*:*:*:*:*", "matchCriteriaId": "DDEA6E6A-D111-4320-BF3A-E5B7CC397423", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.24:*:*:*:*:*:*:*", "matchCriteriaId": "63FADFB7-14A0-4C13-8853-40EACFBDBD85", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:10.25:*:*:*:*:*:*:*", "matchCriteriaId": "3F80CAE4-2A0D-4805-AAC3-0FFD44D39F78", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.00:*:*:*:*:*:*:*", "matchCriteriaId": "61137963-5766-4F2E-B4A2-EDA5A4469720", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.01:*:*:*:*:*:*:*", "matchCriteriaId": "C7682507-9EA1-468D-8D8C-7060F068EA61", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.02:*:*:*:*:*:*:*", "matchCriteriaId": "BF9EAFEE-3A59-4350-903E-D46AC9185FFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.03:*:*:*:*:*:*:*", "matchCriteriaId": "0CD5DD65-A3DB-4F3F-A8CE-DEF6185D5648", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.04:*:*:*:*:*:*:*", "matchCriteriaId": "00C18571-A34F-4B61-B7FA-3649E31BA513", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.05:*:*:*:*:*:*:*", "matchCriteriaId": "7F7BE139-0DC5-4008-A974-D1A01E1758EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.06:*:*:*:*:*:*:*", "matchCriteriaId": "449AC115-FF3D-4D40-9D8A-8439625D3410", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.07:*:*:*:*:*:*:*", "matchCriteriaId": "84A099DF-F17F-47A3-A17E-C397445A3430", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.08:*:*:*:*:*:*:*", "matchCriteriaId": "4E680BB2-8E4B-407E-813E-661D8880DF5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.09:*:*:*:*:*:*:*", "matchCriteriaId": "0A1EF835-E571-4985-96DC-1703BF3F3BFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.11:*:*:*:*:*:*:*", "matchCriteriaId": "E7C74206-9610-4725-8AB9-CEBD6213DD07", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.12:*:*:*:*:*:*:*", "matchCriteriaId": "E4830A80-D9A8-48CB-B5AE-A36FB0BE7EB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.13:*:*:*:*:*:*:*", "matchCriteriaId": "E3FC908B-E1A7-4ED8-B6D2-A46CE87B96A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:hiteksoftware:automize:11.14:*:*:*:*:*:*:*", "matchCriteriaId": "90166099-D6E9-4346-9C24-1E2CB3FC2455", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for GPG Encryption profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to and including 11.14."}, {"lang": "es", "value": "Puede ocurrir divulgaci\u00f3n de informaci\u00f3n en encryptionProfiles.jsd en Hitek Software's Automize debido a que el atributo Read se establece para Usuarios. Esto permite a un atacante recuperar contrase\u00f1as cifradas para perfiles GPG Encryption. Se verifica en todas las versiones hasta la 10.x incluyendo la 10.25 y todas las versiones hasta la 11.x incluyendo la 11.14."}], "id": "CVE-2016-10103", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-23T07:59:00.250", "references": [{"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/96850"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://rastamouse.me/guff/2016/automize/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/96850"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://rastamouse.me/guff/2016/automize/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-255"}, {"lang": "en", "value": "CWE-326"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}