Vulnerabilities > CVE-2022-1279 - Unspecified vulnerability in Ebics Java Project Ebics Java

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

ebics-java-project

NVD

Published: 2022-04-14

Updated: 2023-07-24

Summary

A vulnerability in the encryption implementation of EBICS messages in the open source librairy ebics-java/ebics-java-client allows an attacker sniffing network traffic to decrypt EBICS payloads. This issue affects: ebics-java/ebics-java-client versions prior to 1.2.

Vulnerable Configurations

Part	Description	Count
Application	Ebics_Java_Project Ebics Java Project Ebics Java -	1

References

https://github.com/ebics-java/ebics-java-client/releases/tag/1.2