Weak Encryption and Lack of Encryption in Microsys CyberPatrol Expose Credit Card Numbers and Sensitive Data to Network Sniffing

Weak Encryption and Lack of Encryption in Microsys CyberPatrol Expose Credit Card Numbers and Sensitive Data to Network Sniffing

CVE-2000-1173 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information.

Learn more about our Network Penetration Testing.