Lucene search
HistoryMar 29, 2023 - 9:15 p.m.
CVE-2023-28509
cve-2023-28509
encryption
packet-level security
password protection
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
40.0%
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 use weak encryption for packet-level security and passwords transferred on the wire.
Affected configurations
Node
rocketsoftwareunidataRange≤8.2.4
ORrocketsoftwareuniverseRange≤11.3.5
ORrocketsoftwareuniverseRange12.0.0–12.2.1
linuxlinux_kernelMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| rocketsoftware | unidata | * | cpe:2.3:a:rocketsoftware:unidata:*:*:*:*:*:*:*:* |
| rocketsoftware | universe | * | cpe:2.3:a:rocketsoftware:universe:*:*:*:*:*:*:*:* |
| linux | linux_kernel | - | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-28509 Weak encryption in UniRPC protocol
2023-03-29 20:18:02
cve
cve
CVE-2023-28509
2023-03-29 21:15:08
prion
prion
Design/Logic Flaw
2023-03-29 21:15:00
rapid7blog
rapid7blog
Multiple Vulnerabilities in Rocket Software UniRPC server (Fixed)
2023-03-29 15:21:09
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
40.0%
Related for NVD:CVE-2023-28509