CVE-2016-15028

Name of the Vulnerable Software and Affected Versions ICEPAY REST-API-NET version 0.9

Description A vulnerability was found in the function RestClient of the file Classes/RestClient.cs of the component Checksum Validation. The manipulation leads to improper validation of integrity check value. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 1.0 is able to address this issue.

Recommendations For ICEPAY REST-API-NET version 0.9, upgrade to version 1.0 to address the issue. As a temporary workaround, consider disabling the RestClient function until the patch is applied. Restrict access to the Checksum Validation component to minimize the risk of exploitation.