Lucene search
Veracode Vulnerability DatabaseVERACODE:48411HistoryAug 08, 2024 - 3:30 a.m.
Data Interception And Manipulation
2024-08-0803:30:28
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
gorush
data interception
manipulation
deprecated tls
runhttpserver
server_normal.go
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
39.6%
Gorush is vulnerable to Data Interception and Manipulation. The vulnerability is due to the use of a deprecated TLS version in the RunHTTPServer function within server_normal.go, which allows an attacker to intercept and manipulate data.
Related
github
github
Gorush uses deprecated TLS versions
2024-08-06 21:30:47
nvd
nvd
CVE-2024-41270
2024-08-06 21:16:03
osv
osv
Gorush uses deprecated TLS versions in github.com/appleboy/gorush
2024-08-19 17:26:34
Gorush uses deprecated TLS versions
2024-08-06 21:30:47
cvelist
cvelist
CVE-2024-41270
2024-08-06 00:00:00
cve
cve
CVE-2024-41270
2024-08-06 21:16:03
vulnrichment
vulnrichment
CVE-2024-41270
2024-08-06 00:00:00
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
39.6%
Related for VERACODE:48411