CVE-2015-6746

Basware Banking < 8.90.07 - Plaintext Private Key Storage

Title source: llm
STIX 2.1

Description

Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 due to different vulnerability types.

References (2)

Core 2
Core References
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Jul/120

Scores

EPSS 0.0057
EPSS Percentile 43.1%

Details

CWE
CWE-200
Status published
Products (1)
basware/banking < 8.90.07
Published Aug 31, 2015
Tracked Since Feb 18, 2026