A hard-coded cryptographic key is used in FileWave before 14.6.3 and 14.7.x before 14.7.2. Exploitation could allow an unauthenticated actor to decrypt sensitive information saved in FileWave, and even send crafted requests.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-07-25T20:26:14
Updated: 2024-08-03T09:22:10.732Z
Reserved: 2022-07-01T00:00:00
Link: CVE-2022-34906
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-07-25T21:15:08.513
Modified: 2024-11-21T07:10:24.403
Link: CVE-2022-34906
Redhat
No data.