← volver
CVE-2022-1252

Use of a Broken or Risky Cryptographic Algorithm in gnuboard/gnuboard5

CVSS 8.2 HIGHEPSS 0.5%CWE-327
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.2EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
11 abr 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Use of a Broken or Risky Cryptographic Algorithm in GitHub repository gnuboard/gnuboard5 prior to and including 5.5.5. A vulnerability in gnuboard v5.5.5 and below uses weak encryption algorithms leading to sensitive information exposure. This allows an attacker to derive the email address of any user, including when the 'Let others see my information.' box is ticked off. Or to send emails to any email address, with full control of its contents
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Productos afectados
gnuboard · gnuboard/gnuboard5

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://0g.vc/posts/insecure-cipher-gnuboard5/https://huntr.dev/bounties/c8c2c3e1-67d0-4a11-a4d4-11af567a9ebb