CVE-2015-6746 — LOW (2.1) — White Hats Nepal

Q: How severe is CVE-2015-6746?

CVE-2015-6746 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-6746?

Check the references section above for vendor advisories and patch information. Affected products include: Basware Banking.

Vulnerability Description

Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types.

CVSS Score

2.1

LOW

AV:L/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Basware	Banking	<= 8.90.07

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2015-6746?

CVE-2015-6746 is a vulnerability with a CVSS score of 2.1 (LOW). Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: ...

How severe is CVE-2015-6746?

CVE-2015-6746 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-6746?

Check the references section above for vendor advisories and patch information. Affected products include: Basware Banking.