H3-2022-0062¶

Microsoft FrontPage service.pwd File Exposure

Description¶

Systems with Microsoft FrontPage Extensions installed may be misconfigured, exposing information for reading and possibly modification.

Impact¶

An unauthenticated attacker can obtained hashed passwords from this file to be used in offline cracking attacks. If successful, they can use these credentials to further compromise the host.

References¶

• Microsoft FrontPage Extensions service.pwd file could reveal encrypted passwords
• MITRE ATT&CK Technique: T1552.001: Unsecured Credentials: Credentials In Files