PT-2007-5346 · Visionsoft · Visionsoft Audit
Published: 2007-08-03 · Updated: 2024-02-09 · CVE-2007-4150
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Visionsoft Audit version 12.4.0.0
Description
The issue concerns the use of weak cryptography, specifically XOR, in two areas: transmitting passwords over the network and storing passwords in a configuration file. This weakness allows remote attackers to capture sensitive information by monitoring network traffic and enables local users to access sensitive data by reading the configuration file.
Recommendations
For Visionsoft Audit version 12.4.0.0, consider disabling the password transmission feature over the network until a secure cryptography method is implemented. Additionally, restrict access to the configuration file to minimize the risk of local users obtaining sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness Enumeration
Use of a Broken Cryptographic Algorithm
Related Identifiers
Affected Products
Visionsoft Audit