Описание
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher.
Ссылки
- Third Party Advisory
- Release NotesVendor Advisory
- Third Party Advisory
- Release NotesVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 7.6.48 (исключая)
Одновременно
cpe:2.3:a:idrive:remotepc:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 10%
0.00034
Низкий
5.3 Medium
CVSS3
2.9 Low
CVSS2
Дефекты
CWE-327
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher.
EPSS
Процентиль: 10%
0.00034
Низкий
5.3 Medium
CVSS3
2.9 Low
CVSS2
Дефекты
CWE-327