Lucene search

Broken encryption in EdgeX Foundry

🗓️ 19 Nov 2021 20:16:55Reported by GitHub Advisory DatabaseType

Broken encryption in app-functions-sdk "AES" transform in EdgeX Foundry releases prior to Jakarta. Upgrade to v2.1.0 for remediatio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 7
CVE	CVE-2021-41278	19 Nov 202100:15	–	cve
OSV	GHSA-6C7M-QWXJ-MVHP Broken encryption in EdgeX Foundry	19 Nov 202120:55	–	osv
OSV	CVE-2021-41278	19 Nov 202100:15	–	osv
Veracode	Weak Encryption	22 Nov 202112:12	–	veracode
Cvelist	CVE-2021-41278 Broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allows attackers to decrypt messages via unspecified vectors	18 Nov 202123:50	–	cvelist
Prion	Input validation	19 Nov 202100:15	–	prion
NVD	CVE-2021-41278	19 Nov 202100:15	–	nvd

Vulners

Node

edgexfoundry app-service-configurableRange<2.1.0

edgexfoundry app-functions-sdk-goRange<2.1.0

Source	Link
github	www.github.com/edgexfoundry/app-functions-sdk-go/security/advisories/GHSA-6c7m-qwxj-mvhp
github	www.github.com/edgexfoundry/app-functions-sdk-go/commit/8fa13c6388ce76a6b878b54490eac61aa7d81165
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-41278
github	www.github.com/advisories/GHSA-6c7m-qwxj-mvhp

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Nov 2021 20:55Current

5.3Medium risk

Vulners AI Score5.3

CVSS22.6

CVSS35.4 - 5.7

EPSS0.00074

CWE-327