CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Square-Enix: >> Final Fantasy Xiv >> 4.25 Security Vulnerabilities

CVE-2018-7295

ffxivlauncher.exe in Square Enix Final Fantasy XIV 4.21 and 4.25 on Windows is affected by Improper Enforcement of Message Integrity During Transmission in a Communication Channel, allowing a man-in-the-middle attacker to steal user credentials because a session retrieves global.js via http before proceeding to use https. This is fixed in Patch 4.3.

CVSS Score

8.1

EPSS Score

0.002

Published

2018-05-23

Page 1

Vulnerabilities

Vulnerable Software

Square-Enix: >> Final Fantasy Xiv >> 4.25 Security Vulnerabilities

Products

Pricing

Contact Us