A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone prior to 2020.015 allows malicious users to craft password-reset tokens or decrypt server-side configuration files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
konzept-ix publixone |