CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-6746

Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.8%

CVSS Severity

CVSS v2 Score 2.1

References

http://seclists.org/fulldisclosure/2015/Jul/120
https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html
http://seclists.org/fulldisclosure/2015/Jul/120
https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html

Products affected by CVE-2015-6746

Basware » Banking » Version: Any

cpe:2.3:a:basware:banking:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6746

Products

Pricing

Contact Us