CVE-2002-0487

CVSS 4.6 - MEDIUM

Description

Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache.

Affected Products

2

Vendor	Product	Version
workforceroi	xpede	`4.1`
workforceroi	xpede	`7.0`

References

http://www.iss.net/security_center/static/8612.php

http://www.securityfocus.com/archive/1/263485

http://www.securityfocus.com/bid/4346

http://www.iss.net/security_center/static/8612.php

http://www.securityfocus.com/archive/1/263485

http://www.securityfocus.com/bid/4346

Weakness Types

NVD-CWE-Other

CVE Information

CVE ID:: CVE-2002-0487
Published:: 2002-08-12
Modified:: 2026-04-16
CVSS Score:: 4.6
Severity:: MEDIUM
Vector:: AV:L/AC:L/Au:N/C:P/I:P/A:P

Affected Vendors

workforceroi

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL