{"id":"CVE-2023-38328","details":"An issue was discovered in eGroupWare 17.1.20190111. An Improper Password Storage vulnerability affects the setup panel of under setup/manageheader.php, which allows authenticated remote attackers with administrator credentials to read a cleartext database password.","modified":"2025-11-20T12:18:55.852887Z","published":"2023-10-26T22:15:08.613Z","references":[{"type":"ADVISORY","url":"https://www.gruppotim.it/it/footer/red-team.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/egroupware/egroupware","events":[{"introduced":"0"},{"last_affected":"f17b71db49602b78b192397255439f8ba88284c3"}]}],"versions":["16.1.20160603","17.1.20171023","17.1.20171106","17.1.20171115","17.1.20171129","17.1.20171130","17.1.20180118","17.1.20180209","17.1.20180321","17.1.20180413","17.1.20180523","17.1.20180625","17.1.20180720","17.1.20180831","17.1.20181018","17.1.20181205","17.1.20190111"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-38328.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"}]}