exploitDog

GHSA-xw39-57rx-4hr5

Опубликовано: 12 янв. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

It is possible to download the configuration backup without authorization and decrypt included passwords using hardcoded static key.

It is possible to download the configuration backup without authorization and decrypt included passwords using hardcoded static key.

Ссылки

EPSS

Процентиль: 25%

0.00082

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-321

CWE-798

Связанные уязвимости

CVE-2023-49256

CVSS3: 7.5

nvd

больше 1 года назад

It is possible to download the configuration backup without authorization and decrypt included passwords using hardcoded static key.

EPSS

Процентиль: 25%

0.00082

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-321

CWE-798