CVE-2024-7407

Name of the Vulnerable Software and Affected Versions Streamsoft Prestiż versions prior to 18.2.377

Description The issue concerns the use of a custom password encoding algorithm in the software, which allows for straightforward decoding of passwords using their encoded forms stored in the application's database. An attacker would need to know the encoding algorithm, but it can be deduced by observing how passwords are transformed.

Recommendations For versions prior to 18.2.377, update to version 18.2.377 or later to resolve the issue. As a temporary workaround, consider restricting access to the database where encoded passwords are stored to minimize the risk of exploitation.