Описание
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit this vulnerability.
EPSS
Процентиль: 33%
0.00126
Низкий
8.1 High
CVSS3
Дефекты
CWE-321
Связанные уязвимости
CVSS3: 8.1
github
4 месяца назад
Agentflow developed by Flowring has an Use of Hard-coded Cryptographic Key vulnerability, allowing unauthenticated remote attackers to exploit the fixed key to generate verification information, thereby logging into the system as any user. Attacker must first obtain an user ID in order to exploit this vulnerability.
EPSS
Процентиль: 33%
0.00126
Низкий
8.1 High
CVSS3
Дефекты
CWE-321