Lucene search
HistoryAug 31, 2015 - 2:59 p.m.
CVE-2015-6746
basware
banking
maksuliikenne
8.90.07.x
plaintext
private keys
sql database
remote attackers
spoofing
vulnerability
nvd
cve-2015-6746
7.1 High
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
68.6%
Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types.
| CPE | Name | Operator | Version |
|---|---|---|---|
| basware:banking | basware banking | le | 8.90.07 |
Related
prion
prion
Design/Logic Flaw
2015-08-31 14:59:00
Code injection
2015-08-31 14:59:00
Hardcoded credentials
2015-08-31 14:59:00
cvelist
cvelist
cve
cve
securityvulns
securityvulns
Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne
2015-08-24 00:00:00
Basware Banking/Maksuliikenne security vulnerabilities
2015-08-24 00:00:00
7.1 High
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
68.6%
Related for CVE-2015-6746