CVE-2025-57796

Medium CVSS: 6.8

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sensitive data, including user passwords and system configurations. This approach allows stored values to be decrypted offline if the encrypted data are obtained.

Vendor

Explorance

Product

Blue

CWE

CWE-257

Yayın Tarihi

2026-01-28 18:16:49

Güncelleme

2026-02-05 16:57:26

Source Identifier

mandiant-cve@google.com

KEV Date Added

Kategoriler

CWE-257 Blue MEDIUM Explorance 2026

Referanslar

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0005.md https://online-help.explorance.com/blue/articles/security-advisories-(january-2026) https://online-help.explorance.com/blue/articles/security-advisory:-cve-2025-57796 https://www.explorance.com/products/blue

Benzer Kayıtlar

Critical

CVE-2025-57792

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user…

High

CVE-2025-57793

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user…

Critical

CVE-2025-57794

Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload vulnerability in the administ…

Critical

CVE-2025-57795

Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service c…

Medium

CVE-2025-52344

Multiple Cross Site Scripting (XSS) vulnerabilities in input fields in Explorance Blue 8.1.2 allows attackers to inject…