CVE-2024-7407

Sažetak

Use of a custom password encoding algorithm in Streamsoft Prestiż software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are transformed. This issue was fixed in 18.2.377 version of the software.

Reference

https://cert.pl/en/posts/2025/03/CVE-2024-7407/
https://www.streamsoft.pl/streamsoft-prestiz/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

28-03-2025 - 18:11

Objavljeno

28-03-2025 - 13:15