Computer Security
[EN] no-pyccku

Basware Banking/Maksuliikenne security vulnerabilities
SecurityVulns ID:14654
Threat Level:
Affected:BASWARE : Basware Banking 8.90
CVE:CVE-2015-0943 (Basware Banking (Maksuliikenne) before does not encrypt communication between the client and the backend server, which allows man-in-the-middle attackers to obtain encryption keys, user credentials, and other sensitive information by sniffing the network or modify this traffic by inserting packets into the client-server data stream.)
 CVE-2015-0942 (** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-6742, CVE-2015-6743, CVE-2015-6744, CVE-2015-6745, CVE-2015-6746, CVE-2015-6747. Reason: This candidate originally combined multiple issues that have different vulnerability types and other complex abstraction issues. Notes: All CVE users should reference CVE-2015-6742, CVE-2015-6743, CVE-2015-6744, CVE-2015-6745, CVE-2015-6746, and CVE-2015-6747 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.)
Original documentdocumentCVE-2015-0942_(at), Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne (24.08.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod