PT-2023-14701 · Screencheck · Screencheck Badgemaker

Publicado

2023-02-15

Atualizado

2025-03-19

CVE-2022-45546

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions ScreenCheck BadgeMaker version 2.6.2.0

Description The issue allows an internal attacker to obtain credentials for authentication via network sniffing due to information disclosure in the authentication component of the application.

Recommendations For ScreenCheck BadgeMaker version 2.6.2.0, consider restricting access to the authentication component until a patch is available. As a temporary workaround, implement additional network monitoring to detect potential sniffing attempts.

Exploit

Correção

Cleartext Transmission of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-319

Identificadores relacionados

CVE-2022-45546

Produtos afetados

Screencheck Badgemaker

PT-2023-14701 · Screencheck · Screencheck Badgemaker

CVE-2022-45546

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7