CVE-2024-41270

EPSS 0.31%
Veröffentlicht 06.08.2024 21:16:03
Zuletzt bearbeitet 12.08.2024 18:25:28
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue discovered in the RunHTTPServer function in Gorush v1.18.4 allows attackers to intercept and manipulate data due to use of deprecated TLS version.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Appleboy ≫ Gorush SwPlatformgo Version <= 1.18.4

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.31%	0.222

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

https://gist.github.com/nyxfqq/cfae38fada582a0f576d154be1aeb1fc

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-41270

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-41270

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-41270

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-41270