CVE-2023-42419 in Maintenance Serverinformazioni

Riassunto

di MITRE • 05/03/2024

Maintenance Server, in Cybellum's QCOW air-gapped distribution (China Edition), versions 2.15.5 through 2.27, was compiled with a hard-coded private cryptographic key.


An attacker with administrative privileges & access to the air-gapped server could potentially use this key to run commands on the server. The issue was resolved in version 2.28. Earlier versions, including all Cybellum 1.x versions, and distributions for the rest of the world remain unaffected.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Prenotare

08/09/2023

Divulgazione

05/03/2024

Moderazione

accettato

CPE

pronto

EPSS

0.00139

KEV

no

Attività

molto basso

Fonti

Might our Artificial Intelligence support you?

Check our Alexa App!