CVE-2026-32650

HIGH

Anviz CrossChex Standard Algorithm Downgrade

Title source: cna

Description

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access.

Scores

CVSS v3 7.5
EPSS 0.0003
EPSS Percentile 8.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-757
Status published
Products (1)
Anviz/Anviz CrossChex Standard All versions
Published Apr 17, 2026
Tracked Since Apr 18, 2026