Axxonsoft: >> Axxon One >> 2.0.2 Security Vulnerabilities
Dependency on Vulnerable Third-Party Component (CWE-1395) in the PostgreSQL backend in AxxonSoft Axxon One (C-Werk) 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs present in PostgreSQL v10.x, which are resolved in PostgreSQL 17.4.
CVSS Score
9.8
EPSS Score
0.005
Published
2025-09-10
Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon OneĀ (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at rest.
CVSS Score
4.6
EPSS Score
0.0
Published
2025-09-10