exploitDog

CVE-2025-57796

Опубликовано: 28 янв. 2026

Источник: nvd

CVSS3: 6.8

EPSS Низкий

Описание

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained.

Ссылки

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0005.md
Third Party Advisory
https://online-help.explorance.com/blue/articles/security-advisories-(january-2026)
Vendor Advisory
https://online-help.explorance.com/blue/articles/security-advisory:-cve-2025-57796
Vendor Advisory
https://www.explorance.com/products/blue
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:explorance:blue:*:*:*:*:*:*:*:*

Версия до 8.14.12 (исключая)

EPSS

Процентиль: 5%

0.0002

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-257

Связанные уязвимости

GHSA-cc53-w5wm-253v

CVSS3: 6.8

github

10 дней назад

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained.

EPSS

Процентиль: 5%

0.0002

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-257