Security Advisory

CVE-2015-0943

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-08-31 14:08:00

Last updated 2024-08-06 04:26:11

Assigner certcc

State PUBLISHED

Description

Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt communication between the client and the backend server, which allows man-in-the-middle attackers to obtain encryption keys, user credentials, and other sensitive information by sniffing the network or modify this traffic by inserting packets into the client-server data stream.

← Browse all CVEs View on cve.org ↗