Name of the Vulnerable Software and Affected Versions MasterCard Tokenisation Service (MDES) (affected versions not specified) Visa Tokenisation Service (VTS) (affected versions not specified)

Description The issue is related to the arbitrary modification of the Amount field in the ISO 8583 Authorisation Request package. This could allow an attacker to use cryptograms to make fraudulent payments.

Recommendations For MasterCard Tokenisation Service (MDES), at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Visa Tokenisation Service (VTS), at the moment, there is no information about a newer version that contains a fix for this vulnerability.