CVE-2022-1279
6.5
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability in the encryption implementation of EBICS messages in the open source librairy ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. This issue affects: ebics-java/ebics-java-client versions prior to 1.2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ebics-java | ebics-java-client | unspecified < 1.2 | affected |
Weaknesses
- CWE-325: CWE-325 Missing Required Cryptographic Step
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.