Account Locking Bypass Vulnerability in Basware Banking (Maksuliikenne) 8.90.07.X
CVE-2015-6745 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
Basware Banking (Maksuliikenne) 8.90.07.X relies on the client to enforce account locking, which allows local users to bypass that security mechanism by deleting the entry from the locking table. NOTE: this identifier was SPLIT from CVE-2015-0942 per ADT2 and ADT3 due to different vulnerability type and different affected versions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2015-6744.
Learn more about our User Device Pen Test.