41 matches found
EUVD-2015-6681
Malware in sbrugna...
EUVD-2015-0951
Malware in sbrugna...
EUVD-2015-6680
Malware in sbrugna...
EUVD-2015-6685
Malware in sbrugna...
EUVD-2015-6682
Malware in sbrugna...
EUVD-2015-6683
Malware in sbrugna...
Basware Banking Security Bypass Vulnerability
Basware Banking Maksuliikenne is a suite of software from the Finnish company Basware that establishes connections with banks to manage their own finances. A security vulnerability exists in Basware Banking version 8.90.07 and earlier, which stems from the program's reliance on the client to...
Basware Banking Trust Management Vulnerability (CNVD-2015-05813)
Basware Banking Maksuliikenne is a suite of software from the Finnish company Basware that establishes connections with banks to manage their own finances. A security vulnerability exists in Basware Banking version 8.90.07 and earlier, which stems from the use of hard-coded passwords for ANCO...
Basware Banking Information Disclosure Vulnerability (CNVD-2015-05816)
Basware Banking Maksuliikenne is a suite of software from the Finnish company Basware that establishes connections with banks to manage their own finances. A security vulnerability exists in Basware Banking 8.90.07 and earlier versions, which originates from the program storing private keys in...
Basware Banking Trust Management Vulnerability (CNVD-2015-05812)
Basware Banking Maksuliikenne is a suite of software from the Finnish company Basware that establishes connections with banks to manage their own finances. A security vulnerability exists in Basware Banking version 8.90.07 and earlier, which stems from the use of hard-coded passwords for accounts...
Basware Banking Information Disclosure Vulnerability (CNVD-2015-05817)
Basware Banking Maksuliikenne is a suite of software from the Finnish company Basware that establishes connections with banks to manage their own finances. A security vulnerability exists in Basware Banking version 8.90.07 and earlier, which arises from the program failing to properly restrict...
Basware Banking Denial of Service Vulnerability
Basware Banking Maksuliikenne is a suite of software from the Finnish company Basware that establishes connections with banks to manage their own finances. A security vulnerability exists in Basware Banking version 8.90.07 and earlier, which arises from the program's reliance on the client to...
CVE-2015-6747
Basware Banking Maksuliikenne 8.90.07.X does not properly prevent access to private keys, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types. NOTE: this...
CVE-2015-6746
Basware Banking Maksuliikenne before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types...
CVE-2015-6745
Basware Banking Maksuliikenne 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from the locking table. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability typ...
CVE-2015-6744
Basware Banking Maksuliikenne before 8.90.07.X relies on the client to enforce 1 login verification, 2 audit trail creation, and 3 account locking, which allows remote attackers to "disrupt security-critical functions" by "dropping network traffic." NOTE: this identifier was SPLIT from...
CVE-2015-6743
Basware Banking Maksuliikenne 8.90.07.X uses a hardcoded password for an unspecified account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to...
CVE-2015-6742
Basware Banking Maksuliikenne before 8.90.07.X uses a hardcoded password for the ANCO account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to...
Design/Logic Flaw
Basware Banking Maksuliikenne before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types...
Code injection
Basware Banking Maksuliikenne before 9.10.0.0 does not encrypt communication between the client and the backend server, which allows man-in-the-middle attackers to obtain encryption keys, user credentials, and other sensitive information by sniffing the network or modify this traffic by inserting...