Lucene search

MitreCVE-2015-6744

HistoryAug 31, 2015 - 2:59 p.m.

CVE-2015-6744

2015-08-3114:59:03

mitre

web.nvd.nist.gov

basware banking

maksuliikenne

cve-2015-6744

security

remote attack

network traffic

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

71.3%

JSON

Basware Banking (Maksuliikenne) before 8.90.07.X relies on the client to enforce (1) login verification, (2) audit trail creation, and (3) account locking, which allows remote attackers to “disrupt security-critical functions” by “dropping network traffic.” NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability type and different affected versions.

Affected configurations

Nvd

Node

baswarebankingRange≤8.90.07

VendorProductVersionCPE
baswarebanking*cpe:2.3:a:basware:banking:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
basware	banking	*	cpe:2.3:a:basware:banking::::::::

References

seclists.org/fulldisclosure/2015/Jul/120

www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

71.3%

JSON

Related for CVE-2015-6744