Vulnerabilities > Thomsonreuters > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-03 | CVE-2019-10679 | Incorrect Default Permissions vulnerability in Thomsonreuters Eikon 4.0.42144 Thomson Reuters Eikon 4.0.42144 allows all local users to modify the service executable file because of weak %PROGRAMFILES(X86)%\Thomson Reuters\Eikon permissions. | 7.8 |
| 2018-07-26 | CVE-2018-14608 | Missing Encryption of Sensitive Data vulnerability in Thomsonreuters Ultratax CS 2017 Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly accessible in cleartext. | 7.5 |
| 2018-07-26 | CVE-2018-14607 | Missing Encryption of Sensitive Data vulnerability in Thomsonreuters Ultratax CS 2017 Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer records and bank account numbers in cleartext over SMBv2, which allows attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. | 7.5 |