Unprotected Transport of Credentials in Avantra Software by Syslink
CVE-2026-8673

5.9MEDIUM

Key Information:

Vendor: Syslink Software Ag
Status: Avantra
Vendor: CVE Published:; 22 May 2026

🔔 Create Syslink Software Ag Vulnerability Alert

What is CVE-2026-8673?

The Syslink Software AG Avantra contains an unprotected transport of credentials vulnerability on both Linux and Windows platforms. This security flaw enables attackers to intercept sensitive information, leading to potential sniffing attacks. This vulnerability affects versions of Avantra prior to 25.3.0, emphasizing the need for administrators to review and update their deployments to mitigate the risk of unauthorized access to critical systems.

Affected Version(s)

Avantra Linux 0 < 25.3.0

References

https://support.avantra.com/hc/en-us/articles/5535621927071

vendor-advisory

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 22, 2026
Vulnerability Reserved
May 15, 2026

Credit

Vicxer Inc.

CVE-2026-8673 Data

JSON