Vulnerabilities > Intuit > Lacerte > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-31 CVE-2018-11338 Cleartext Transmission of Sensitive Information vulnerability in Intuit Lacerte
Intuit Lacerte 2017 for Windows in a client/server environment transfers the entire customer list in cleartext over SMB, which allows attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors.
network
low complexity
intuit CWE-319
7.5