Description
It was observed that SapphireIMS utilized default sapphire:ims credentials to connect the client to server. This credential is saved in ServerConf.config file in the client.
CVSS 3.0 Base Score
4.4 (AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)
Researcher
Tanoy Bose
POC
Vulnerability Tracker
Disclosure timelines
- 07 May, 2020 - Vendor informed; failed
- 16 Sept, 2020 - Cert-CC and Cert-In Informed
