Lucene search
HistoryAug 31, 2015 - 2:59 p.m.
CVE-2015-6746
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0.003
Percentile
68.9%
Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types.
Affected configurations
Node
baswarebankingRange≤8.90.07
Related
cvelist
cvelist
prion
prion
Design/Logic Flaw
2015-08-31 14:59:00
Code injection
2015-08-31 14:59:00
Hardcoded credentials
2015-08-31 14:59:00
cve
cve
nvd
nvd
securityvulns
securityvulns
Basware Banking/Maksuliikenne security vulnerabilities
2015-08-24 00:00:00
Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne
2015-08-24 00:00:00
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0.003
Percentile
68.9%
Related for NVD:CVE-2015-6746