CVE-2022-1279

Summary

A vulnerability in the encryption implementation of EBICS messages in the open source librairy ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. This issue affects: ebics-java/ebics-java-client versions prior to 1.2.

Affected Software

VendorProductVersion RangeStatus
ebics-javaebics-java-clientunspecified < 1.2affected

Weaknesses

  • CWE-325: CWE-325 Missing Required Cryptographic Step

ADP Enrichment

CVE Program Container

Additional References

References