exploitDog

GHSA-9m5v-w59r-w83p

Опубликовано: 07 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt them by using this key.

Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt them by using this key.

Ссылки

EPSS

Процентиль: 2%

0.00013

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-326

Связанные уязвимости

CVE-2023-33283

CVSS3: 5.5

nvd

больше 2 лет назад

Marval MSM through 14.19.0.12476 uses a static encryption key for secrets. An attacker that gains access to encrypted secrets can decrypt them by using this key.

EPSS

Процентиль: 2%

0.00013

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-326