← Volver a CVEs
CVE-2023-41137
HIGH8.0
Descripcion
Symmetric encryption used to protect messages between the AppsAnywhere server and client can be broken by reverse engineering the client and used to impersonate the AppsAnywhere server.
Detalles CVE
Puntuacion CVSS v3.18.0
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioREQUIRED
Publicado11/9/2023
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
appsanywhere:appsanywhere_client
Debilidades (CWE)
CWE-321CWE-798CWE-798
Referencias
https://docs.appsanywhere.com/appsanywhere/3.1/2023-11-security-advisory(info@appcheck-ng.com)
https://docs.appsanywhere.com/appsanywhere/3.1/2023-11-security-advisory(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.