CVE-2012-3458

Опубликовано: 13 авг. 2012

Источник: redhat

CVSS2: 4

EPSS Низкий

Описание

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.

Отчет

Not vulnerable. This issue did not affect the versions of python-beaker as shipped with Red Hat Enterprise Linux 6 as it did not include support for using python-crypto.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	python-beaker	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=809267python-beaker: weak use of crypto can leak information to remote attackers

EPSS

Процентиль: 69%

0.00603

Низкий

4 Medium

CVSS2

Связанные уязвимости

CVE-2012-3458

ubuntu

больше 13 лет назад

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.

CVE-2012-3458

nvd

больше 13 лет назад

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES in ECB cipher mode, which might allow remote attackers to obtain portions of sensitive session data via unspecified vectors.

CVE-2012-3458

debian

больше 13 лет назад

Beaker before 1.6.4, when using PyCrypto to encrypt sessions, uses AES ...

GHSA-39vm-p9mr-4r27

CVSS3: 5.3

github

больше 3 лет назад

Beaker Sensitive Information Disclosure vulnerability

EPSS

Процентиль: 69%

0.00603

Низкий

4 Medium

CVSS2