The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensitive information exposure.
Exploitability
AV:LAC:LAT:NPR:LUI:NVulnerable System
VC:HVI:NVA:NSubsequent System
SC:NSI:NSA:N6.8/CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:NOther