Описание
Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at rest.
Уязвимые конфигурации
Конфигурация 1Версия до 2.0.8 (исключая)
Одновременно
cpe:2.3:a:axxonsoft:axxon_one:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 0%
0.00007
Низкий
4.6 Medium
CVSS3
Дефекты
CWE-311
Связанные уязвимости
CVSS3: 4.6
github
5 месяцев назад
Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at rest.
EPSS
Процентиль: 0%
0.00007
Низкий
4.6 Medium
CVSS3
Дефекты
CWE-311