CVE-2022-3217 – When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a sta …

Vuln ID: CVE-2022-3217

Published:  2022-09-16  22:15:12Z

Description: When logging in to a VBASE runtime project via Web-Remote, the product uses XOR with a static initial key to obfuscate login messages. An unauthenticated remote attacker with the ability to capture a login session can obtain the login credentials.

Source: NVD.NIST.GOV