A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to decrypt sensitive information saved in FileWave, and even send crafted requests.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-07-25T20:26:14

Updated: 2024-08-03T09:22:10.732Z

Reserved: 2022-07-01T00:00:00

Link: CVE-2022-34906

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-07-25T21:15:08.513

Modified: 2024-11-21T07:10:24.403

Link: CVE-2022-34906

cve-icon Redhat

No data.