Описание
Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types.
Уязвимые конфигурации
Конфигурация 1Версия до 8.90.07 (включая)
cpe:2.3:a:basware:banking:*:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.0012
Низкий
2.1 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types.
EPSS
Процентиль: 31%
0.0012
Низкий
2.1 Low
CVSS2
Дефекты
CWE-200