PT-2019-8011 · Orpak · Orpak Siteomat

Published

2019-06-03

Updated

2019-06-04

CVE-2017-14852

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Orpak SiteOmat (affected versions not specified)

Description An insecure communication was found between a user and the Orpak SiteOmat management console due to an invalid SSL certificate. This allows an eavesdropper to capture the communication and decrypt the data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Encryption of Sensitive Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-311CWE-310

Related Identifiers

CVE-2017-14852

Affected Products

Orpak Siteomat

PT-2019-8011 · Orpak · Orpak Siteomat

CVE-2017-14852

Weakness Enumeration

Related Identifiers

Affected Products

References · 6