Lucene search
Veracode Vulnerability DatabaseVERACODE:42991HistoryAug 29, 2023 - 9:30 a.m.
Hardcoded DNS Key
2023-08-2909:30:06
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
hardcoded dns key
gravitl/netmaker software
attacker access
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.097 Low
EPSS
Percentile
94.8%
github.com/gravitl/netmaker uses a Hardcoded DNS Key. The vulnerability exists because the library does not securely set a DNS secret key, which allows an attacker to access DNS related API endpoints
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/gravitl/netmaker | le | v0.18.5 | |
| github.com/gravitl/netmaker | le | v0.18.5 |
Related
cvelist
cvelist
CVE-2023-32077 Netmaker has Hardcoded DNS Secret Key
2023-08-24 21:23:14
prion
prion
Hardcoded credentials
2023-08-24 22:15:00
osv
osv
CVE-2023-32077
2023-08-24 22:15:08
Netmaker has Hardcoded DNS Secret Key
2023-08-25 18:38:18
nvd
nvd
CVE-2023-32077
2023-08-24 22:15:08
cve
cve
CVE-2023-32077
2023-08-24 22:15:08
github
github
Netmaker has Hardcoded DNS Secret Key
2023-08-25 18:38:18
nuclei
nuclei
Netmaker - Hardcoded DNS Secret Key
2024-04-29 12:54:31
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.097 Low
EPSS
Percentile
94.8%
Related for VERACODE:42991