4 matches found
CVE-2023-37291
creationtimestamp| type| source ---|---|--- 2023-07-21 07:33:17+00:00| seen| https://t.me/cibsecurity/67070...
CVE-2023-37291
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data. This issue affects Vitals ESP: from 3.0.8 through...
CVE-2023-37291 Galaxy Software Services Vitals ESP - Use of Hard-coded Cryptographic Key
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data. This issue affects Vitals ESP: from 3.0.8 through...
CVE-2023-37291
The CVE-2023-37291 issue affects Galaxy Software Services Vitals ESP (versions 3.0.8–6.2.0) where a hard-coded encryption key enables an unauthenticated remote attacker to generate a valid token parameter and gain access to the system to operate processes and access data. This is confirmed across...