CVE-2023-46894

Опубликовано: 09 нояб. 2023

Источник: redhat

CVSS3: 3.3

Описание

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm.

Отчет

Esptool has migrated to stronger encryption algorithms, but continues to support AES ECB when necessary to maintain compatibility with older chip revisions.

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-326

https://bugzilla.redhat.com/show_bug.cgi?id=2248982esptool: inadequate encryption strength

3.3 Low

CVSS3

Связанные уязвимости

CVE-2023-46894

CVSS3: 7.5

ubuntu

около 2 лет назад

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm.

CVE-2023-46894

CVSS3: 7.5

nvd

около 2 лет назад

An issue discovered in esptool 4.6.2 allows attackers to view sensitive information via weak cryptographic algorithm.

CVE-2023-46894

CVSS3: 7.5

debian

около 2 лет назад

An issue discovered in esptool 4.6.2 allows attackers to view sensitiv ...

GHSA-3f38-96qm-r3fw

CVSS3: 7.5

github

около 2 лет назад

esptool allows attackers to view sensitive information via weak cryptographic algorithm

3.3 Low

CVSS3