The vulnerability of the web application of the 1C:Enterprise system, related to the storage and transmission of data in an open manner, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the 1C:Enterprise web application relates to the storage and transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information...

1c Enterprise Encryption Problem Vulnerability

1c Enterprise is a platform for handling business automation in corporate environments from 1c Germany. The platform handles activities in accounting, finance, human resources and management. A cryptographic issue vulnerability exists in 1C:Enterprise 8 8.3.17.1851, which stems from the program...

The vulnerability of the web application of the enterprise automation system 1C:Enterprise lies in the lack of measures taken to protect the website structure, allowing attackers to carry out cross-site scripting attacks.

The vulnerability of the 1C:Enterprise web application lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks by sending specially crafted requests...

The vulnerability of the dynamic analyzer for XML files in the wsisapi.dll library of the enterprise automation system 1C:Enterprise allows a perpetrator to cause service failures and gain access to internal network resources.

The vulnerability of the dynamic analyzer for XML files in the wsisapi.dll library of the enterprise automation system 1C:Enterprise is related to the implementation of XML. Exploiting this vulnerability can allow a malicious actor to cause service failures and gain access to internal network...

The vulnerability of the enterprise automation system 1C:Enterprise allows a malicious individual to trigger service failures or execute arbitrary codes.

The automation system of the enterprise 1C:Enterprise contains a vulnerability in the Fast Infoset decoder of the XML document handling library xml2.dll. A malicious individual, by manipulating input data, can set the Fast Infoset decoder to the CIIUTF8LARGELENGTH state for processing a single...

The vulnerability of the enterprise automation system 1C:Enterprise, which allows a malicious individual to cause service failures

The automation system of the enterprise 1C:Enterprise contains a vulnerability in the Fast Infoset decoder library for working with XML documents xml2.dll. A malicious individual, by manipulating input data, can set the Fast Infoset decoder to the DOCUMENTCHARACTERENCODINGSCHEME state processing...

The vulnerability of the enterprise automation system 1C:Enterprise, which allows a malicious individual to cause service failures

The server processes agent.exe, rmngr.exe, and rhost.exe of the enterprise automation system 1C:Enterprise use the same main module, core82.dll. The specially crafted TCP packet is interpreted as a sequence of recursive function calls, which ultimately leads to exhaustion of the application stack...

The vulnerability of the enterprise automation system 1C:Enterprise, which allows a malicious individual to cause service failures

The 1C:Enterprise system contains a vulnerability in the Fast Infoset decoder of the xml2.dll library, which is used for working with XML documents. A malicious individual can manipulate input data, causing the Fast Infoset decoder to become in the EIIINDEXMEDIUM state. This allows them to send a...

The vulnerability of the enterprise automation system 1C:Enterprise, which allows a malicious individual to cause service failures

The 1C:Enterprise system contains a vulnerability in the Fast Infoset decoder of the xml2.dll library, which is used for working with XML documents. A malicious individual can manipulate input data, causing the Fast Infoset decoder to become in the EIIINDEXLARG state. This allows them to send an...

Vulnerabilities of the enterprise automation system 1C:Enterprise, allowing a malicious individual to trigger service failures or gain access to encrypted data without knowing the encryption key

Multiple vulnerabilities in the OpenSSL cryptographic package of the 1C: enterprise automation system allow a malicious actor to remotely cause service failures or gain access to encrypted data without knowing the encryption key...