- Description
- Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsys:cyberpatrol:4.04.003:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9009A873-47FF-43F8-8B2A-3E72A3E2E260"
},
{
"criteria": "cpe:2.3:a:microsys:cyberpatrol:4.04.005:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6CBC6E4F-4CB3-4BB2-9B49-A66962290EB2"
}
],
"operator": "OR"
}
]
}
]