Lucene search
HistorySep 20, 2023 - 6:15 a.m.
CVE-2023-43618
croc protocol
ip addresses
cleartext
security issue
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.8%
An issue was discovered in Croc through 9.6.5. The protocol requires a sender to provide its local IP addresses in cleartext via an ips? message.
Affected configurations
Node
schollzcrocRange≤9.6.5
Related
cve
cve
CVE-2023-43618
2023-09-20 06:15:10
alpinelinux
alpinelinux
CVE-2023-43618
2023-09-20 06:15:10
osv
osv
Croc requires senders to provide local IP addresses in cleartext
2023-09-20 06:30:50
CVE-2023-43618
2023-09-20 06:15:10
cvelist
cvelist
CVE-2023-43618
2023-09-20 00:00:00
prion
prion
Design/Logic Flaw
2023-09-20 06:15:00
wolfi
wolfi
CVE-2023-43618 vulnerabilities
2024-06-27 09:08:32
github
github
Croc requires senders to provide local IP addresses in cleartext
2023-09-20 06:30:50
veracode
veracode
Information Exposure
2023-09-29 10:59:02
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
20.8%
Related for NVD:CVE-2023-43618