Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which leads to the generation of a hardcoded and predictable symmetric encryption keys for license generation and validation.
References
Link | Resource |
---|---|
https://balwurk.com | Not Applicable |
https://balwurk.com/cve-use-of-hard-coded-cryptographic-key/ | Third Party Advisory |
https://writeback4t.com | Product |
https://www.xpand-it.com | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-09-12T00:00:00
Updated: 2023-09-12T11:14:53.617811
Reserved: 2023-02-27T00:00:00
Link: CVE-2023-27169
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-12T12:15:07.580
Modified: 2023-09-13T17:38:54.003
Link: CVE-2023-27169
JSON object: View
Redhat Information
No data.
CWE