The Globe7 soft phone client 7.3 sends username and password information in cleartext, which allows remote attackers to obtain sensitive information by sniffing the HTTP traffic.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| globe7 | globe7 | 7.3 |
The Globe7 soft phone client 7.3 uses weak cryptography (reversed sequence of binary values) for the password, which might allow local users to obtain sensitive information.
CVSS 2.0
Severity: LOW
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| globe7 | globe7 | 7.3 |