- Home
- CVEs with nessus.description==By manipulating the padding on an encrypted string, Nessus was able
to generate an error message that indicates a likely 'padding oracle'
vulnerability. Such a vulnerability can affect any application or
framework that uses encryption improperly, such as some versions of
ASP.net, Java Server Faces, and Mono.
An attacker may exploit this issue to decrypt data and recover
encryption keys, potentially viewing and modifying confidential data.
Note that this plugin should detect the MS10-070 padding oracle
vulnerability in ASP.net if CustomErrors are enabled in that.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top