CVE-2018-15498

Published: Mar 21, 2019Modified: Nov 21, 2024

8.1

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.2 / Impact: 5.9

Source: NVD

Description

YSoft SafeQ Server 6 allows a replay attack.

Affected (1)

Products: Ysoft: Safeq Server Client

1 product

Safeq Server Client

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ysoft Safeq Server Client	Version 6.0.13.1

Running on/with	Platform Versions
Ysoft Safeq Server	Version 6.0

Related CWEs

Authentication Bypass by Capture-replay

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

References (2)

https://herolab.usd.de/wp-content/uploads/sites/4/usd20180021.txt

Source: cve@mitre.org

ExploitThird Party Advisory

https://herolab.usd.de/wp-content/uploads/sites/4/usd20180021.txt

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.