logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2023-36647

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2023-36647

Description:
A hard-coded cryptographic private key used to sign JWT authentication tokens in ProLion CryptoSpike 3.0.15P2 allows remote attackers to impersonate arbitrary users and roles in web management and REST API endpoints via crafted JWT tokens.
Last updated date:
12/14/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
12/14/2023
Reference url to background

https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36647

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy