cvedb.io
CVE-2016-10102
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2017-01-23T07:59:00.220 · Last modified 2026-06-17T00:39:03.787

Summary

hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. This allows an attacker to retrieve the encrypted passwords from sshProfiles.jsd and encryptionProfiles.jsd and decrypt them to recover cleartext passwords. All 10.x up to and including 10.25 and all 11.x up to and including 11.14 are verified to be affected.

Affected products

hiteksoftware — automize

Does this affect you?

Add your gear to cvedb and we'll alert you only when hiteksoftware ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.