PT-2019-8011 · Orpak · Orpak Siteomat

Publicado

2019-06-03

Atualizado

2019-06-04

CVE-2017-14852

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Orpak SiteOmat (affected versions not specified)

Description An insecure communication was found between a user and the Orpak SiteOmat management console due to an invalid SSL certificate. This allows an eavesdropper to capture the communication and decrypt the data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Encryption of Sensitive Data

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-311CWE-310

Identificadores relacionados

CVE-2017-14852

Produtos afetados

Orpak Siteomat

PT-2019-8011 · Orpak · Orpak Siteomat

CVE-2017-14852

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6