CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
29.5%
DeviceFarmer stf v3.6.6 suffers from Use of a Broken or Risky Cryptographic Algorithm.
Vendor | Product | Version | CPE |
---|---|---|---|
devicefarmer | stf | * | cpe:2.3:a:devicefarmer:stf:*:*:*:*:*:*:*:* |
github.com/advisories/GHSA-7xm8-wjq7-88r5
github.com/DeviceFarmer/stf
github.com/DeviceFarmer/stf/blob/a6b5f18941d0de5929f9c24c3ce3e9c13317a653/lib/util/vncauth.js#L35
github.com/DeviceFarmer/stf/issues/736
github.com/tianjk99/Cryptographic-Misuses/blob/main/CVE-2023-51839.md
nvd.nist.gov/vuln/detail/CVE-2023-51839
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
29.5%