← Zuruck zu CVEs
CVE-2025-57796
MEDIUM6.8
Beschreibung
Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained.
CVE Details
CVSS v3.1 Bewertung6.8
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienHIGH
BenutzerinteraktionNONE
Veroffentlicht1/28/2026
Zuletzt geandert2/5/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
explorance:blue
Schwachen (CWE)
CWE-257
Referenzen
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0005.md(mandiant-cve@google.com)
https://online-help.explorance.com/blue/articles/security-advisories-(january-2026)(mandiant-cve@google.com)
https://online-help.explorance.com/blue/articles/security-advisory:-cve-2025-57796(mandiant-cve@google.com)
https://www.explorance.com/products/blue(mandiant-cve@google.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.