PT-2019-5399 · Schneider Electric · Easergy Builder
Published 2019-08-21 · Updated 2021-12-11 · CVE-2020-7515
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Easergy Builder versions 1.4.7.2 and prior
Description
A vulnerability exists due to the use of a hard-coded cryptographic key that is stored in cleartext (unencrypted) form. An attacker could use this key to decrypt and access user passwords.
Recommendations
For Easergy Builder versions 1.4.7.2 and prior, consider updating to a version that does not use hard-coded cryptographic keys in cleartext, or apply additional security measures to protect against password decryption attacks. As a temporary workaround, restrict access to sensitive areas of the system to minimize the risk of exploitation.
Fix
Using Hardcoded Credentials
Related Identifiers
Affected Products
Easergy Builder