VYPR
Unrated severityNVD Advisory· Published Sep 7, 2010· Updated Jun 16, 2026

CVE-2010-3244

CVE-2010-3244

Description

BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a modified connection.xml file that contains an encrypted password in the field.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:blackboard:transact_suite:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:blackboard:transact_suite:*:*:*:*:*:*:*:*range: <=3.6.0.1
    • (no CPE)range: <3.6.0.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.