CWE-321
Use of Hard-coded Cryptographic Key
The product uses a hard-coded, unchangeable cryptographic key.
CVE-2023-27584 (GCVE-0-2023-27584)
Vulnerability from cvelistv5 – Published: 2024-09-19 22:54 – Updated: 2024-09-26 03:55
VLAI
Title
Dragonfly2 vulnerable to hard coded cyptographic key
Summary
Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT to verify user. However, the secret key for JWT, "Secret Key", is hard coded, which leads to authentication bypass. An attacker can perform any action as a user with admin privileges. This issue has been addressed in release version 2.0.9. All users are advised to upgrade. There are no known workarounds for this vulnerability.
Severity
9.8 (Critical)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/dragonflyoss/Dragonfly2/securi… | x_refsource_CONFIRM |
| https://github.com/dragonflyoss/Dragonfly2/releas… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| dragonflyoss | Dragonfly2 |
Affected:
< 2.0.9
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dragonflyoss:dragonfly2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "dragonfly2",
"vendor": "dragonflyoss",
"versions": [
{
"lessThan": "2.0.9",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27584",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-25T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T03:55:52.647Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Dragonfly2",
"vendor": "dragonflyoss",
"versions": [
{
"status": "affected",
"version": "\u003c 2.0.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT to verify user. However, the secret key for JWT, \"Secret Key\", is hard coded, which leads to authentication bypass. An attacker can perform any action as a user with admin privileges. This issue has been addressed in release version 2.0.9. All users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T22:54:40.045Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/dragonflyoss/Dragonfly2/security/advisories/GHSA-hpc8-7wpm-889w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/dragonflyoss/Dragonfly2/security/advisories/GHSA-hpc8-7wpm-889w"
},
{
"name": "https://github.com/dragonflyoss/Dragonfly2/releases/tag/v2.0.9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/dragonflyoss/Dragonfly2/releases/tag/v2.0.9"
}
],
"source": {
"advisory": "GHSA-hpc8-7wpm-889w",
"discovery": "UNKNOWN"
},
"title": "Dragonfly2 vulnerable to hard coded cyptographic key"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-27584",
"datePublished": "2024-09-19T22:54:40.045Z",
"dateReserved": "2023-03-04T01:03:53.634Z",
"dateUpdated": "2024-09-26T03:55:52.647Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32077 (GCVE-0-2023-32077)
Vulnerability from cvelistv5 – Published: 2023-08-24 21:23 – Updated: 2024-10-02 19:14
VLAI
Title
Netmaker has Hardcoded DNS Secret Key
Summary
Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. The issue is patched in 0.17.1 and fixed in 0.18.6. If users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users. If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone who is using version 0.17.1 can pull the latest docker image of the backend and restart the server.
Severity
7.5 (High)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/gravitl/netmaker/security/advi… | x_refsource_CONFIRM |
| https://github.com/gravitl/netmaker/pull/2170 | x_refsource_MISC |
| https://github.com/gravitl/netmaker/commit/1621c2… | x_refsource_MISC |
| https://github.com/gravitl/netmaker/commit/9362c3… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:03:28.931Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/gravitl/netmaker/security/advisories/GHSA-8x8h-hcq8-jwwx",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/gravitl/netmaker/security/advisories/GHSA-8x8h-hcq8-jwwx"
},
{
"name": "https://github.com/gravitl/netmaker/pull/2170",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/gravitl/netmaker/pull/2170"
},
{
"name": "https://github.com/gravitl/netmaker/commit/1621c27c1d176b639e9768b2acad7693e387fd51",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/gravitl/netmaker/commit/1621c27c1d176b639e9768b2acad7693e387fd51"
},
{
"name": "https://github.com/gravitl/netmaker/commit/9362c39a9a822f0e07361aa7c77af2610597e657",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/gravitl/netmaker/commit/9362c39a9a822f0e07361aa7c77af2610597e657"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32077",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T19:14:09.737338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:14:22.352Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "netmaker",
"vendor": "gravitl",
"versions": [
{
"status": "affected",
"version": "\u003c 0.17.1"
},
{
"status": "affected",
"version": "\u003e= 0.18.0, \u003c 0.18.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. The issue is patched in 0.17.1 and fixed in 0.18.6. If users are using 0.17.1, they should run `docker pull gravitl/netmaker:v0.17.1` and `docker-compose up -d`. This will switch them to the patched users. If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone who is using version 0.17.1 can pull the latest docker image of the backend and restart the server."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-24T21:57:07.712Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/gravitl/netmaker/security/advisories/GHSA-8x8h-hcq8-jwwx",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/gravitl/netmaker/security/advisories/GHSA-8x8h-hcq8-jwwx"
},
{
"name": "https://github.com/gravitl/netmaker/pull/2170",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gravitl/netmaker/pull/2170"
},
{
"name": "https://github.com/gravitl/netmaker/commit/1621c27c1d176b639e9768b2acad7693e387fd51",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gravitl/netmaker/commit/1621c27c1d176b639e9768b2acad7693e387fd51"
},
{
"name": "https://github.com/gravitl/netmaker/commit/9362c39a9a822f0e07361aa7c77af2610597e657",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gravitl/netmaker/commit/9362c39a9a822f0e07361aa7c77af2610597e657"
}
],
"source": {
"advisory": "GHSA-8x8h-hcq8-jwwx",
"discovery": "UNKNOWN"
},
"title": "Netmaker has Hardcoded DNS Secret Key"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-32077",
"datePublished": "2023-08-24T21:23:14.294Z",
"dateReserved": "2023-05-01T16:47:35.315Z",
"dateUpdated": "2024-10-02T19:14:22.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32169 (GCVE-0-2023-32169)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-09-18 18:28
VLAI
Title
D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability
Summary
D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the TokenUtils class. The issue results from a hard-coded cryptographic key. An attacker can leverage this vulnerability to bypass authentication on the system.
. Was ZDI-CAN-19659.
Severity
9.8 (Critical)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://supportannouncement.us.dlink.com/announce… | vendor-advisory |
Date Public
2023-05-24 17:26
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:d-link:d-view:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "d-view",
"vendor": "d-link",
"versions": [
{
"lessThanOrEqual": "2.0.1.27",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32169",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-08T17:50:06.725196Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T19:38:05.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:10:23.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-714",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-714/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "D-View",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "DLink D-View8 1.0.2.13"
}
]
}
],
"dateAssigned": "2023-05-03T20:16:43.142Z",
"datePublic": "2023-05-24T17:26:52.808Z",
"descriptions": [
{
"lang": "en",
"value": "D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of D-Link D-View. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the TokenUtils class. The issue results from a hard-coded cryptographic key. An attacker can leverage this vulnerability to bypass authentication on the system.\n. Was ZDI-CAN-19659."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-18T18:28:26.477Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-714",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-714/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10332"
}
],
"source": {
"lang": "en",
"value": "Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative"
},
"title": "D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-32169",
"datePublished": "2024-05-03T01:56:47.263Z",
"dateReserved": "2023-05-03T20:10:47.063Z",
"dateUpdated": "2024-09-18T18:28:26.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3371 (GCVE-0-2023-3371)
Vulnerability from cvelistv5 – Published: 2023-06-27 01:55 – Updated: 2026-04-08 17:19
VLAI
Title
EmbedPress <= 3.7.3 - Sensitive Information Exposure
Summary
The EmbedPress plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'lock_content_form_handler' and 'display_password_form' function in versions up to, and including, 3.7.3. This makes it possible for unauthenticated attackers to decrypt and view the password protected content.
Severity
5.3 (Medium)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
6 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| wpdevteam | EmbedPress – PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs & more |
Affected:
0 , ≤ 3.7.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:55:03.189Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1033b4d-82a0-4484-aebf-f35d6a2a9a13?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/Gutenberg/block-backend/block-embedpress.php#L30"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L231"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L278"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file10"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file28"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T21:39:11.630928Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T21:39:22.961Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EmbedPress \u2013 PDF Embedder, Embed YouTube Videos, 3D FlipBook, Social feeds, Docs \u0026 more",
"vendor": "wpdevteam",
"versions": [
{
"lessThanOrEqual": "3.7.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"descriptions": [
{
"lang": "en",
"value": "The EmbedPress plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the \u0027lock_content_form_handler\u0027 and \u0027display_password_form\u0027 function in versions up to, and including, 3.7.3. This makes it possible for unauthenticated attackers to decrypt and view the password protected content."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:19:46.681Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c1033b4d-82a0-4484-aebf-f35d6a2a9a13?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/Gutenberg/block-backend/block-embedpress.php#L30"
},
{
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L231"
},
{
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.7.3/EmbedPress/Includes/Classes/Helper.php#L278"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file10"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2930523/embedpress#file28"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-06-22T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2023-06-23T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2023-06-26T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "EmbedPress \u003c= 3.7.3 - Sensitive Information Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-3371",
"datePublished": "2023-06-27T01:55:28.259Z",
"dateReserved": "2023-06-22T16:50:17.015Z",
"dateUpdated": "2026-04-08T17:19:46.681Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3404 (GCVE-0-2023-3404)
Vulnerability from cvelistv5 – Published: 2023-08-31 05:33 – Updated: 2026-04-08 16:59
VLAI
Title
ProfileGrid <= 5.5.0 - Hardcoded Encryption Key
Summary
The ProfileGrid plugin for WordPress is vulnerable to unauthorized decryption of private information in versions up to, and including, 5.5.0. This is due to the passphrase and iv being hardcoded in the 'pm_encrypt_decrypt_pass' function and used across all sites running the plugin. This makes it possible for authenticated attackers, with administrator-level permissions or above to decrypt and view users' passwords. If combined with another vulnerability, this can potentially grant lower-privileged users access to users' passwords.
Severity
4.9 (Medium)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| metagauss | ProfileGrid – User Profiles, Groups and Communities |
Affected:
0 , ≤ 5.5.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:55:03.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d490bfb-6560-428e-ad91-0f8d8bc9b1f2?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.4.8/includes/class-profile-magic-request.php#L325"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2936383/profilegrid-user-profiles-groups-and-communities#file475"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-05T18:27:35.460046Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T19:33:06.520Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ProfileGrid \u2013 User Profiles, Groups and Communities",
"vendor": "metagauss",
"versions": [
{
"lessThanOrEqual": "5.5.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ProfileGrid plugin for WordPress is vulnerable to unauthorized decryption of private information in versions up to, and including, 5.5.0. This is due to the passphrase and iv being hardcoded in the \u0027pm_encrypt_decrypt_pass\u0027 function and used across all sites running the plugin. This makes it possible for authenticated attackers, with administrator-level permissions or above to decrypt and view users\u0027 passwords. If combined with another vulnerability, this can potentially grant lower-privileged users access to users\u0027 passwords."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:59:24.379Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6d490bfb-6560-428e-ad91-0f8d8bc9b1f2?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.4.8/includes/class-profile-magic-request.php#L325"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2936383/profilegrid-user-profiles-groups-and-communities#file475"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-06-25T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2023-06-25T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2023-07-17T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "ProfileGrid \u003c= 5.5.0 - Hardcoded Encryption Key"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-3404",
"datePublished": "2023-08-31T05:33:10.376Z",
"dateReserved": "2023-06-26T12:32:34.057Z",
"dateUpdated": "2026-04-08T16:59:24.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-34123 (GCVE-0-2023-34123)
Vulnerability from cvelistv5 – Published: 2023-07-12 23:16 – Updated: 2024-11-06 17:01
VLAI
Summary
Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
Severity
No CVSS data available.
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SN… | vendor-advisory |
| https://www.sonicwall.com/support/notices/2307101… | related |
Impacted products
Date Public
2023-07-12 23:07
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:01:54.020Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related",
"x_transferred"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:00:38.382269Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:01:05.956Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GMS",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "9.3.2-SP1 and earlier versions"
}
]
},
{
"defaultStatus": "unknown",
"product": "Analytics",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "2.5.0.4-R7 and earlier versions"
}
]
}
],
"datePublic": "2023-07-12T23:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.\n\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-13T00:22:30.529Z",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0010"
},
{
"tags": [
"related"
],
"url": "https://www.sonicwall.com/support/notices/230710150218060"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-34123",
"datePublished": "2023-07-12T23:16:31.146Z",
"dateReserved": "2023-05-25T22:45:46.850Z",
"dateUpdated": "2024-11-06T17:01:05.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-34338 (GCVE-0-2023-34338)
Vulnerability from cvelistv5 – Published: 2023-07-05 18:02 – Updated: 2024-11-21 14:56
VLAI
Title
hard coded cryptographic key
Summary
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.
Severity
7.1 (High)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| AMI | MegaRAC_SPx |
Affected:
12.0 , < 12.3
(RC)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T16:10:06.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-34338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T14:56:08.710961Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T14:56:24.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"ARM"
],
"product": "MegaRAC_SPx",
"vendor": "AMI",
"versions": [
{
"lessThan": "12.3",
"status": "affected",
"version": "12.0",
"versionType": "RC"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.\u0026nbsp;"
}
],
"value": "AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.\u00a0"
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "N/A"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-05T18:02:37.919Z",
"orgId": "7e9044f1-7f56-4c38-8864-c0c7302263d6",
"shortName": "AMI"
},
"references": [
{
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "hard coded cryptographic key",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e9044f1-7f56-4c38-8864-c0c7302263d6",
"assignerShortName": "AMI",
"cveId": "CVE-2023-34338",
"datePublished": "2023-07-05T18:02:37.919Z",
"dateReserved": "2023-06-01T16:05:31.612Z",
"dateUpdated": "2024-11-21T14:56:24.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3632 (GCVE-0-2023-3632)
Vulnerability from cvelistv5 – Published: 2023-08-09 08:05 – Updated: 2026-05-21 12:57
VLAI
Title
Hard-coded Cryptographic Key in Kunduz - Homework Helper App
Summary
Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz - Homework Helper App allows Authentication Abuse, Authentication Bypass.
This issue affects Kunduz - Homework Helper App: before 6.2.3.
Severity
9.8 (Critical)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-23-0446 | government-resourcebroken-link |
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sifir Bes Education and Informatics | Kunduz - Homework Helper App |
Affected:
0 , < 6.2.3
(custom)
|
Date Public
2023-08-09 08:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.334Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"government-resource",
"x_transferred"
],
"url": "https://www.usom.gov.tr/bildirim/tr-23-0446"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3632",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-10T14:55:32.406308Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-10T14:55:50.339Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kunduz - Homework Helper App",
"vendor": "Sifir Bes Education and Informatics",
"versions": [
{
"lessThan": "6.2.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gokhan CICEK"
}
],
"datePublic": "2023-08-09T08:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz - Homework Helper App allows Authentication Abuse, Authentication Bypass.\u003cp\u003eThis issue affects Kunduz - Homework Helper App: before 6.2.3.\u003c/p\u003e"
}
],
"value": "Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz - Homework Helper App allows Authentication Abuse, Authentication Bypass.\n\nThis issue affects Kunduz - Homework Helper App: before 6.2.3."
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
},
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-21T12:57:53.199Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource",
"broken-link"
],
"url": "https://www.usom.gov.tr/bildirim/tr-23-0446"
},
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0446"
}
],
"source": {
"advisory": "TR-23-0446",
"defect": [
"TR-23-0446"
],
"discovery": "EXTERNAL"
},
"title": "Hard-coded Cryptographic Key in Kunduz - Homework Helper App",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2023-3632",
"datePublished": "2023-08-09T08:05:57.144Z",
"dateReserved": "2023-07-12T07:54:24.491Z",
"dateUpdated": "2026-05-21T12:57:53.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-37291 (GCVE-0-2023-37291)
Vulnerability from cvelistv5 – Published: 2023-07-21 03:02 – Updated: 2024-10-24 14:31
VLAI
Title
Galaxy Software Services Vitals ESP - Use of Hard-coded Cryptographic Key
Summary
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data.
This issue affects Vitals ESP: from 3.0.8 through 6.2.0.
Severity
8.6 (High)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Galaxy Software Services | Vitals ESP |
Affected:
3.0.8 , ≤ 6.2.0
(custom)
|
Date Public
2023-07-21 02:57
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:09:34.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.twcert.org.tw/tw/cp-132-7224-4fe1f-1.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37291",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T14:31:06.223754Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-24T14:31:28.873Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Vitals ESP",
"vendor": "Galaxy Software Services",
"versions": [
{
"lessThanOrEqual": "6.2.0",
"status": "affected",
"version": "3.0.8",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-07-21T02:57:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eGalaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data.\u003c/div\u003e\n\n\u003cp\u003eThis issue affects Vitals ESP: from 3.0.8 through 6.2.0.\u003c/p\u003e"
}
],
"value": "Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data.\n\n\n\nThis issue affects Vitals ESP: from 3.0.8 through 6.2.0."
}
],
"impacts": [
{
"capecId": "CAPEC-191",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-191 Read Sensitive Strings Within an Executable"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-14T03:30:12.842Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7224-4fe1f-1.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Contact support from\u0026nbsp;\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eGalaxy Software Services\u003c/span\u003e"
}
],
"value": "Contact support from\u00a0\n\nGalaxy Software Services"
}
],
"source": {
"advisory": "TVN-202307009",
"discovery": "EXTERNAL"
},
"title": "Galaxy Software Services Vitals ESP - Use of Hard-coded Cryptographic Key",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2023-37291",
"datePublished": "2023-07-21T03:02:50.129Z",
"dateReserved": "2023-06-30T02:08:23.931Z",
"dateUpdated": "2024-10-24T14:31:28.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-37936 (GCVE-0-2023-37936)
Vulnerability from cvelistv5 – Published: 2025-01-14 14:09 – Updated: 2025-01-14 20:55
VLAI
Summary
A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests.
Severity
9.6 (Critical)
CWE
- CWE-321 - Execute unauthorized code or commands
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiSwitch |
Affected:
7.4.0
Affected: 7.2.0 , ≤ 7.2.5 (semver) Affected: 7.0.0 , ≤ 7.0.7 (semver) Affected: 6.4.0 , ≤ 6.4.13 (semver) Affected: 6.2.0 , ≤ 6.2.7 (semver) Affected: 6.0.0 , ≤ 6.0.7 (semver) cpe:2.3:a:fortinet:fortiswitch:7.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.13:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.12:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.11:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.7:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiswitch:6.0.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-37936",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T15:18:43.351489Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T20:55:06.579Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortiswitch:7.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:7.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.13:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.12:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.11:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.10:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.9:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.8:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.7:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortiswitch:6.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiSwitch",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "7.4.0"
},
{
"lessThanOrEqual": "7.2.5",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.7",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.13",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.7",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.7",
"status": "affected",
"version": "6.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "Execute unauthorized code or commands",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:09:30.417Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.com/psirt/FG-IR-23-260",
"url": "https://fortiguard.com/psirt/FG-IR-23-260"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiSwitch version 7.4.1 or above\nPlease upgrade to FortiSwitch version 7.2.6 or above\nPlease upgrade to FortiSwitch version 7.0.8 or above\nPlease upgrade to FortiSwitch version 6.4.14 or above\nPlease upgrade to FortiSwitch version 6.2.8 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2023-37936",
"datePublished": "2025-01-14T14:09:30.417Z",
"dateReserved": "2023-07-11T08:16:54.093Z",
"dateUpdated": "2025-01-14T20:55:06.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Prevention schemes mirror that of hard-coded password storage.
No CAPEC attack patterns related to this CWE.