Primary

Context

Anviz CrossChex Standard Improper Verification of Source in Client-Server Communication Vulnerability

Vulnerability

A vulnerability exists in Anviz CrossChex Standard due to a lack of source verification in the client/server communication channel. This flaw allows an attacker on the same network to inject TCP packets, potentially altering or disrupting application traffic. Additionally, this vulnerability could be exploited to gain unauthorized access to database credentials, which are transmitted unencrypted, enabling unauthorized database access.

Impact

Exploitation of this vulnerability could lead to unauthorized interception and modification of application traffic, as well as unauthorized access to database credentials, allowing access to the database.

Remediation

Anviz did not respond to CISA's attempts to coordinate these vulnerabilities. Users should contact Anviz for more information.

Added: Apr 17, 2026, 8:20 PM

Updated: Apr 17, 2026, 8:20 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

1.3

exploitability

4.4

remediation

7.9

relevance

5.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

1.3

exploitability

4.4

remediation

7.9

relevance

5.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Anviz CrossChex Standard Improper Verification of Source in Client-Server Communication Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Anviz CrossChex Standard

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating