Опубликовано: 26 сент. 2024
Источник: github
Github: Не прошло ревью
CVSS4: 5.3
CVSS3: 4.3
Описание
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of the payload regardless of the encryption used.
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of the payload regardless of the encryption used.
EPSS
Процентиль: 17%
0.00056
Низкий
5.3 Medium
CVSS4
4.3 Medium
CVSS3
CVE ID
Дефекты
CWE-203
CWE-204
Связанные уязвимости
CVSS3: 4.3
nvd
больше 1 года назад
The goTenna Pro App does not inject extra characters into broadcasted frames to obfuscate the length of messages. This makes it possible to tell the length of the payload regardless of the encryption used.
EPSS
Процентиль: 17%
0.00056
Низкий
5.3 Medium
CVSS4
4.3 Medium
CVSS3
CVE ID
Дефекты
CWE-203
CWE-204