QwikSec

Security Database

CVE

CWE

Training

CVE-2015-6742

Published: Aug 31, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Basware Banking (Maksuliikenne) before 8.90.07.X uses a hardcoded password for the ANCO account, which allows remote authenticated users to bypass intended access restrictions by leveraging knowledge of this password. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability types and different affected versions.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20150727 Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne

mailing-list

x_refsource_FULLDISC

https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2015/haavoittuvuus-2015-018.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.