Blackboard CourseInfo 4.0 Plaintext Administrator Password Vulnerability

Upon installation of Blackboard CourseInfo 4.0, the user is prompted to create a local administrative account in order to access and configure the application. The username and password are stored in plaintext in the following NT registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Blackboard, Inc.\CourseInfo40

DB_ConnectString (which contains the SQL Administrator username and password in plaintext), DefaultPassword, and DefaultUser are the plaintext values located in this particular key.

By default, the ACL does not prevent non-administrator accounts from accessing the registry. Therefore, unauthorized users are able to retrieve the plaintext username and password.
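
An administrator can check whether a given host is exposed by auditing the ACL on the key named above. The following PowerShell is an added example, not part of the original advisory; the function name and the list of trusted SIDs (SYSTEM and the local Administrators group) are assumptions to adjust for the environment. It reports which of the three values exist without printing their contents.

```powershell
# Added audit example (not from the original advisory).
$KeyPath         = 'HKLM:\SOFTWARE\Blackboard, Inc.\CourseInfo40'
$SensitiveValues = 'DB_ConnectString', 'DefaultPassword', 'DefaultUser'

# Assumption: only these well-known SIDs should be able to read the key.
$TrustedSids = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544'   # BUILTIN\Administrators
)

# Hypothetical helper name; returns one object per allow-ACE that lets an
# untrusted principal read values under the key.
function Get-CourseInfoKeyExposure {
    param([string]$Path = $KeyPath)

    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "Key not present: $Path"
        return
    }

    # Note which sensitive values exist; never echo their data.
    $props = Get-ItemProperty -LiteralPath $Path
    $found = @($SensitiveValues | Where-Object { $props.PSObject.Properties.Name -contains $_ })

    # Read access can be granted as the specific QueryValues right or as the
    # generic GENERIC_READ (0x80000000) / GENERIC_ALL (0x10000000) bits.
    $queryValues = [int][System.Security.AccessControl.RegistryRights]::QueryValues
    $genericMask = [int]::MinValue -bor 0x10000000

    $acl   = Get-Acl -LiteralPath $Path
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        if ($rule.AccessControlType -ne 'Allow') { continue }
        $rights = [int]$rule.RegistryRights
        if (($rights -band ($queryValues -bor $genericMask)) -eq 0) { continue }
        $sid = $rule.IdentityReference.Value
        if ($TrustedSids -contains $sid) { continue }

        [pscustomobject]@{
            Sid           = $sid
            Rights        = $rule.RegistryRights
            Inherited     = $rule.IsInherited
            ValuesPresent = $found -join ', '
        }
    }
}

Get-CourseInfoKeyExposure | Format-Table -AutoSize
```

Any row in the output is a principal outside the trusted list that can read the key; an empty result with the key present means only the trusted SIDs hold read access.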


