CVE-2012-3458

Опубликовано: 15 сент. 2012

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:python:beaker:*:*:*:*:*:*:*:*

Версия до 1.6.4 (включая)

EPSS

Процентиль: 69%

0.00603

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-310

Связанные уязвимости

CVE-2012-3458

ubuntu

больше 13 лет назад

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.

CVE-2012-3458

redhat

больше 13 лет назад

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.

CVE-2012-3458

debian

больше 13 лет назад

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES ...

GHSA-39vm-p9mr-4r27

CVSS3: 5.3

github

больше 3 лет назад

Beaker Sensitive Information Disclosure vulnerability

EPSS

Процентиль: 69%

0.00603

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-310