CVE-2025-10227

4.6MEDIUM

Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storag

公開日: 9/10/2025更新日: 12/19/2025
NVDで表示MITREで表示

説明

Missing Encryption of Sensitive Data (CWE-311) in the Object Archive component in AxxonSoft Axxon One (C-Werk) before 2.0.8 on Windows and Linux allows a local attacker with access to exported storage or stolen physical drives to extract sensitive archive data in plaintext via lack of encryption at rest.

AI分析AIによる分析

影響を受ける製品

axxonsoftaxxon_one
linuxlinux_kernel
-
microsoftwindows
-

参照