CVE-2021-31539

Published: Apr 23, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

Wowza Streaming Engine before 4.8.8.01 (in a default installation) has cleartext passwords stored in the conf/admin.password file. A regular local user is able to read usernames and passwords.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.wowza.com/products/streaming-engine

x_refsource_MISC

https://www.gruppotim.it/redteam

x_refsource_MISC

https://www.wowza.com/docs/wowza-streaming-engine-4-8-8-01-release-notes#breaking

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-31539

Description

Affected Products

References