9.8

CVE-2023-38535

Use of Hard-coded Cryptographic Key vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.1 and 12.5.2. The vulnerability could compromise the cryptographic keys.  
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpentextExceed Turbox Version12.5.0
OpentextExceed Turbox Version12.5.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.27% 0.188
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
security@opentext.com 4.7 1 3.6
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-321 Use of Hard-coded Cryptographic Key

The product uses a hard-coded, unchangeable cryptographic key.

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://support.opentext.com/csm?id=kb_article_view&sysparm_article=KB0801267
Permissions Required