CVE-2015-0943

Name of the Vulnerable Software and Affected Versions Basware Banking (Maksuliikenne) versions prior to 9.10.0.0

Description The issue allows man-in-the-middle attackers to obtain sensitive information, including encryption keys and user credentials, by sniffing the network or modifying the traffic. This is possible because communication between the client and the backend server is not encrypted.

Recommendations For versions prior to 9.10.0.0, update to version 9.10.0.0 or later to ensure encryption of communication between the client and the backend server.