CVE-2002-1909

2022-10-0316:23:46

mitre

www.cve.org

click2learn

lms

hashed password

config.txt

remote attackers

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

64.9%

JSON

Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the hashed administrative password in a config.txt file under the htdocs directory, which allows remote attackers to obtain the administrative password.

References

online.securityfocus.com/archive/1/295309

www.iss.net/security_center/static/10387.php

www.securityfocus.com/bid/5969