5 matches found
CVE-2023-27583
PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...
CVE-2023-27583
PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...
CVE-2023-27583 Panindex uses hard coded cyptographic key
PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...
CVE-2023-27583
CVE-2023-27583 affects PanIndex prior to version 3.1.3, where a hard-coded JWT signing key named “PanIndex” enables an attacker to forge tokens and perform admin actions. The issue is mitigated by upgrading to 3.1.3, which ships a patch. As a temporary workaround, the source code can be modified ...
CVE-2023-27583 Panindex uses hard coded cyptographic key
PanIndex is a network disk directory index. In Panindex prior to version 3.1.3, a hard-coded JWT key PanIndex is used. An attacker can use the hard-coded JWT key to sign JWT token and perform any actions as a user with admin privileges. Version 3.1.3 has a patch for the issue. As a workaround, on...