MEDIUM✓ PATCH🇬🇧 English

CVE-2025-57796

CVSS 6.8v3.1pub. 2026-01-28upd. 2026-02-05

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
  • Explorance Blue

    APP
    Explorance
    < 8.14.12
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Referencje

Powiązane podatności

CVE-2025-57792CRITICAL10.0PL ✓ten sam produkt

SQL Injection bez uwierzytelnienia w Explorance Blue (CVE-2025-57792)

CVE-2025-57794CRITICAL9.1PL ✓ten sam produkt

RCE przez unrestricted file upload w Explorance Blue (panel admina)

CVE-2025-57795CRITICAL9.9PL ✓ten sam produkt

RCE przez podatny upload plików w Explorance Blue (CVE-2025-57795)

CVE-2025-57793HIGH8.6ten sam produkt

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validati...

CVE-2025-52344MEDIUM6.1ten sam produkt

Multiple Cross Site Scripting (XSS) vulnerabilities in input fields in Explorance Blue 8.1.2 allows attackers ...

CVE-2025-57796 — MEDIUM 6.8 | CVEbaza.pl